Two Factor Authentication (2FA) using one time password
- Åsmund Lie
- Brok Howard
- Åsmund Johansen
- Chris Murray
Enable 2FA
Admin users can enable two factor authentication for users by turning on the feature “Use One Time Password (2FA)” as explained in Enable two factor authentication for users .
This only affects web login, including the admin system and client when using modern sign-in.
Pair a device
The first time a user with 2FA enabled signs in, they are prompted with a pair device page.
Users can use any app that supports the Time-based one-time password (TOTP) protocol. Like Google Authenticator (Play Store or App Store) or Microsoft Authenticator (Play Store or App Store).
These apps normally have an “Add account” menu option where you can scan the QR code provided by dRofus. Once this is set up, press “Click here to continue”.
Logging in with 2FA
After 2FA is set up, whenever the user signs in after entering the username and password, they will be prompted for a one-time password. Open the app you paired your dRofus account with, click on the account, and a one-time password will be shown.
If they check the option “Keep me signed in on this device, “ they will not have to go through this step until they choose to sign out.
“Lost device”
If they have lost their phone or need to reset / pair a new device, the only option currently is to contact your dRofus administrator and ask them to reset the 2FA in the admin system. They are then prompted with the “pair a device” step again.