no way to compare when less than two revisions

Differences

This shows you the differences between two versions of the page.


Previous revision
Next revision
2fa [2020_08_20 13:02] dan
Line 1: Line 1:
 +======Two-Factor Authentication (2FA)======
  
 +==last updated on: Aug. 20, 2020==
 +
 +The Enterprise File Fabric supports two-factor authentication. This can also be referred to as two-step verification or dual factor authentication.
 +
 +2FA is a security process in which the user provides two different authentication factors to verify themselves to better protect both the user's credentials and the resources the user can access. 
 +
 +If 2FA is turned then users first login with their password before and are then  issued a secondary authentication challenge.
 +
 +Two Factor Authentication can be turned on for all of a File Fabric organization' members and the org. admin by the org. admin from the Security tab of the Policies page:
 +
 +{{ :2fa_no_qr_code.png?direct&400 |}}
 +
 +The File Fabric supports three types of 2FA.  Select the type you want to use from the pulldown menu:
 +
 +{{ ::2fa_dropdown.png?direct&400 |}}
 +===Email===
 +On each login attempt the user will be have to enter a timed one-time password.  The password will be emailed automatically to the email address associated with her File Fabric. Each login requires a new one-time password.
 +===Phrase===
 +On each login attempt the user will be challenged to enter a phrase that he has associated with his account for this purpose.
 +
 +If you have selected the "Phrase" option then enter a phrase that you will use when logging in to your own org. admin account and record this phrase in a safe place.  You will be required to enter it to log in to your account.  If you lose the phrase you will not be able to log in to your org. admin account until the File Fabric appliance administrator (appladmin) intervenes.
 +
 +Other members of the org. will be prompted to set up their phrases the next time each logs in to the File Fabric.  Then they will have to enter the phrase on each subsequent login.  If an org. member forgets his phrase then he will no longer be able to log in to his account until the org. admin intervenes.
 +===Authenticator App (TOTP)===
 +On each login attempt the user will be have to enter a timed one-time password (TOTP) that has been generated by an app such as Google Authenticator on her phone.
 +If you have selected "Authenticator App" then a secret string and a QR code will have appeared on the Security web page:
 +
 +scan with an authentication application the QR code that appeared on the Security web page or make note of the 
 +
 +
 +
 +
 +
 +The steps required to coOnce turned on users will have to login as normal and will then receive the second challenge. This will work from web, desktop and mobile apps.
© Copyright 2024 Nasuni.