2FA: Difference between revisions
Jump to navigation
Jump to search
(Created page with "== Two Factor Authentication (2FA) == It's possible to use 2FA from GUI's version 20. Be sure you have synchronized time on your GUI's server because 2FA pins(codes) are tim...") |
|||
(One intermediate revision by the same user not shown) | |||
Line 3: | Line 3: | ||
It's possible to use 2FA from GUI's version 20. | It's possible to use 2FA from GUI's version 20. | ||
Be sure you have synchronized time on your GUI's server because 2FA pins(codes) are time limited. | |||
=== Required === | |||
Be sure you have synchronized time on your GUI's server because 2FA pins(codes) are time limited. (install ntp service there) | |||
=== Settings in the GUI === | === Settings in the GUI === | ||
* user with admin permissions can activate 2FA's requirement for | * user with admin permissions can activate 2FA's requirement for any user (in GUI->Users & Audit). When its enabled, the 2fa setup is required. | ||
* admin user can delete actual 2FA secret from user's account (in GUI->Users & Audit) | * admin user can delete actual 2FA secret from user's account (in GUI->Users & Audit) | ||
* user can change/setup its 2FA secret in the section GUI->User settings->Change user auth. This option joins the password and the 2FA setting. | * user can change/setup its 2FA secret in the section GUI->User settings->Change user auth. This option joins the password and the 2FA setting. | ||
Line 25: | Line 27: | ||
=== Problem solving === | === Problem solving === | ||
* | * You can disable 2FA authentication for any user inside database with following query | ||
update users set secret = null, req_2fa = 0 where username = 'USER'; | mysql> update users set secret = null, req_2fa = 0 where username = 'USER'; |
Latest revision as of 17:41, 29 June 2018
Two Factor Authentication (2FA)
It's possible to use 2FA from GUI's version 20.
Required
Be sure you have synchronized time on your GUI's server because 2FA pins(codes) are time limited. (install ntp service there)
Settings in the GUI
- user with admin permissions can activate 2FA's requirement for any user (in GUI->Users & Audit). When its enabled, the 2fa setup is required.
- admin user can delete actual 2FA secret from user's account (in GUI->Users & Audit)
- user can change/setup its 2FA secret in the section GUI->User settings->Change user auth. This option joins the password and the 2FA setting.
- follow the setup dialog
Setting of the 2FA code generator
you can use various 2FA applications:
- Google Authenticator for Android https://play.google.com/store/apps/details?id=com.google.android.apps.authenticator2
- Google Authenticator for IOS https://itunes.apple.com/cz/app/google-authenticator/id388497605?mt=8
- Google Authenticator as plugin for Chrome Browser https://chrome.google.com/webstore/detail/google-authenticator/njkhnbmlaefgkjpaghgphiceaocdblgl
- Authenticator plugin for Firefox https://addons.mozilla.org/en-US/firefox/addon/auth-helper/?src=search
Import account setting from QR code into yours application and start to use it.
Problem solving
- You can disable 2FA authentication for any user inside database with following query
mysql> update users set secret = null, req_2fa = 0 where username = 'USER';