2-Factor Authentication

Definition of Two Factor Authentication

Two Factor Authentication (2FA) is a security measure that requires two forms of authentication to identify a user.
In addition to User/Password authentication, a second factor must be provided in order to login. There are a wide variety of 2FA services out there that will work with the IACBOX.

The IACBOX uses the Time-based One-time Password (TOTP) method based on smartphone apps hat generate a random 6-digit PIN every 30 seconds.

TIP

Recommended Authentication Apps:

Authenticator
Googe Authenticator
Microsoft Authenticator
OTP

Enable 2-Factor Authentication

Enabling 2FA is a short and easy 3-step process that can be started in the users account settings page.
It is also part of operating the IACBOX securely.
An Authentication App is necessary to set up the 2FA.

The key-icon shows the current status.

A gray key-icon indicates that 2FA has not been set up yet.
A green key-icon indicates that 2FA has been set up correctly.

Click on the Manage-Button and a pop-up will appear. Next, click on Enable to receive a QR-Code.
This QR-Code must be scanned via the Authentication App.

Step 1 - Scan QR-Code

Scan the code with your smartphone camera or any qr-code reader. It will forward you to your chosen authentication app.

Step 2 - Type in 6-digit PIN

After scanning the QR-Code from the WebAdmin the Authentication App will provide a 6-Digit PIN that is needed to finalize the 2FA setup in the WebAdmin. Next to the pin is your username, in case you already have other 2FA logins stored.

TIP

We would like to provide a screenshot to show you how it looks in the app. But, as a good security app is supposed to behave, it is not possible to take screenshots from it.

Type in the 6 digits into the intended field and click the Validate-button. If validation went succesful a message appears and step 3 appears.

Step 3 - Recovery Codes

Step 3 provides a safety measure in case access to the Authentication App is no longer possible. After a succesfull validation, 5 recovery codes will be provided.

DANGER

Please store those recovery codes responsibly to prevent misuse or permanent loss of an account

Recovery Codes can be used as the 6-Digit Verification Code required for 2FA Login.

WARNING

Each Recovery Code is one time use only.

Disable 2-Factor Authentication

2FA can be enabled and disabled on a per-user basis.
In the WebAdmin -> System / WebAdmin User section the 2FA settings can be adjusted for each user individually.
Disabling the 2-Factor Authentication is as easy as toggling the checkbox in this menu.

2-Factor Authentication

Definition of Two Factor Authentication #

Enable 2-Factor Authentication #

Step 1 - Scan QR-Code #

Step 2 - Type in 6-digit PIN #

Step 3 - Recovery Codes #

Disable 2-Factor Authentication #