What is 2-factor authentication?

2FA or 2-factor authentication is a security measure mainly used to log into systems in a secure way.

The user first logs into the system with his username and password and then he gets a second verification request (SMS, Email, or Google authenticator) which provides the user with a code that he needs to enter.

Authentication manners

The system is set with a default authentication manner set by the Admin, but each user can set his preferred default authentication manner:

• Email

• Google Authenticator (requires setup before it can be used)

• SMS via Twilio (requires having a valid mobile number updated in the system)

Users can set their preferred authentication manner from: My menu > Resource information > Default authentication manner

Email authentication manner

Initial setup by the user

Steps to change the default authentication to Emal verification:

From: My menu > Resource information

1. Select “Email” in the “Default authenticator” field (fig 2)

2. Make sure the login email is set correctly (fig 3). The authentication email will be sent to this email.

Log in with Email authentication

When logging in, after entering the Username and password the 2FA page will prompt and the verification email will be sent to the Login email of the user

The verification code received in the mail should be entered to gain access to the system (fig 1)

Google Authenticator for mobile

Initial setup by the user

Steps to change the default authentication to Google Authenticator for mobile.

First, the OOONA user must be linked to a Mobile’sGoogle Authenticator.

From: My menu > Resource information

1. Select “Google Authenticator” in the “Default authenticator” field (fig 1)

2. Click “Generate google authenticator info” to show your unique QR code (fig 2)

CHANGE SCREENSH

3. Download the Google Authenticator app to your phone

Add links to google play and apple store

4. Open the Google Authenticator app on your phone

5. Click “Scan QR code” and scan the QR code received in step 2

Log in with the Google Authenticator app

1. Open the Google authentication app on your phone to show your code for this login:

2. Log in to OOONA Manager using your username and password:

3. The 2FA page will prompt.

4. Enter the code received on your phone (fig 1)

Google Authenticator for browser

Initial setup by the user

Steps to change the default authentication to Google Authenticator for mobile

First, the OOONA user must be linked to a browser’s Google authenticator

1. Add the Google Authenticator add-on to your browser https://chrome.google.com/webstore/detail/authenticator/bhghoamapcdpbohphigoooaddinpkbai?hl=en

2. Pin the Authenticator add-on for easy access

3. Navigate to your Resource info page: My menu > Resource information

4. Select “Google authenticator” in the “Default authenticator” field (fig 2)

5. Click “Generate google authenticator” info (fig 1)

6. Click the pinned authenticator icon (fig 2)

7. Click scan QR code

8. Scan by dragging with the mouse over your Google authenticator QR code (fig 4)

CHANGE SCREENSHOT

Log in with a Browser’s Google Authenticator

1. Log in to OOONA Manager using your username and password

2. Click the pinned Google authenticator icon (fig1)

3. Click the code to copy it (fig 2)

4. Paste the code (fig 3)

SMS (Twilio)- TBC

Initial activation of 2FA in OOONA Manager by System Administrator

Activating 2-factor authentication

2-factor authentication is activated at a system level.

From: Administrator > Web Administrator > Configuration > Security

1. Switch ON “Enable two-factor authentication” (fig 4)

2. Select the default authentication manner (fig 5):

   1. Email

   2. SMS (Twilio)

   3. Google Authenticator (requires initial setup by the user)

Disabling the 2-factor authentication for internal IPs- TBC