Contents x
    Add multi-factor authentication
    • 1 minute to read
    • Print
    • Dark
      Light
    • PDF
    Contents

    Add multi-factor authentication

    • 1 minute to read
    • Print
    • Dark
      Light
    • PDF
    Article Summary

    When enabling the multi-factor authentication, an extra security layer is added to the account. You can log in with the password, and additionally with the code sent to a device.

    Info

    For this feature, Google Authenticator and Microsoft Authenticator are some of the applications that can be used to perform multi-factor authentication.

    Info
    You can turn off TOTP-based MFA authentication as the system default setting, allowing you to integrate another multi-factor authentication provider. To deactivate, enter the command orbit app mfa-plugin disable via Orbit, and to reactivate, use the command orbit app mfa-plugin enable.


    For additional MFA settings, read the article security settings.

    Enable multi-factor authentication

    To enable the multi-factor authentication for the user, follow these steps:

    1. Click on the drop-down menu in the title bar next to the username.
    2. Select Configure MFA.
    3. Click Yes to proceed with the token settings.
    4. Launch the authentication application from your mobile device. 
    5. Read the QR code displayed on the screen by using the camera. 
    6. The token is then registered in the application, and an authentication code is displayed.
    7. After configuring the token on the application, click on the link indicated on your senhasegura screen.
    8. Fill in the Token with the application-generated code.
    9. Click Validate.

    From this moment, when logging in, you will need to perform the multi-factor authentication.

    Info
    Events related to multi-factor authentication settings are notified through SIEM AND SYSLOG.

    MFA to start sessions

    senhasegura allows administrators to force the use of multi-factor authentication before starting a session. This helps ensure that only authorized users can use elevated credentials.

    1. Navigate to Settings➔System parameters➔System parameters➔Security.
    2. Enable the option Force multi-factor authentication to start a session?*.

    By enabling this option, before starting the session, the user will have to enter the authenticator code configured in senhasegura.

    TOTP Token periodic request configuration

    This configuration makes it possible to force the token request at each password view or access.

    1. Go to Settings➔System Parameters➔System Parameters➔Security.
    2. Set the time parameters:
      • Time between token requirement for custody (minutes)
      • Time between token requirement for sessions (minutes)
    Was this article helpful?
    What's Next
    Digital sovereignty is a fundamental right for citizens, institutions, and society. That’s why we work every day.
    Connect With Us
    SENHASEGURA
    LEARN
    EXPLORE
    Copyright © senhasegura. All Rights Reserved