Breadcrumbs

Two-factor authentication

Two-factor authentication improves your security by requesting the username and password upon login and a code from an external physical device.

Among other things, this provides an added layer of security and should prevent users from sharing their credentials.

Setup

  1. Enable the 2-factor authentication for the specific user group.

    image-20230621-102534.png

  2. When a user belonging to the group tries to log in for the first time, the user is requested to use or install the 2-factor authentication client (for example Authy, Google authenticator, MS Authenticator) on their mobile device.

  3. The VMS and the authentication client are synchronized with the software with VMS.

  4. This is done by transferring the "secret key" generated by the VMS to the authentication software via QR code or directly typing it to the software.

image-20230621-102547.png

  1. The authentication client automatically generates new one-time passwords.

  2. The passwords change periodically and are kept in sync as the VMS clocks and the authentication app have the same time.

  3. Note that this does not require any direct data communication link between the software.

Login with 2FA

  1. Enter your username and password.

  2. The system requests an authentication code from the authentication app for each login.

  3. Enter the one-time password from the authentication app.

image-20230621-102610.png

Maintenance

  1. If a user forgets their 2-factor secret key, the administrator can reset it from the system manager.

  2. After the 2-factor secret key reset, the user needs to update the private key the next time they log in.

image-20230621-102632.png