You can implement two-factor authentication using one-time passwords, also known as passcodes. Passcodes are generated by Sophos Authenticator or any third-party authenticator on a mobile device or tablet without the need for an internet connection. When users log on, they must provide a password and a passcode.
One-time password service
You can configure two-factor authentication using the one-time password (OTP) service.
- To configure two-factor authentication, click Settings and turn on One-time password.
To log on using two-factor authentication, users must first obtain a token. Tokens are deployed as a QR code in the user portal. Users scan the code with Sophos Authenticator, which then generates passcodes.
- To automatically create OTP tokens, click Settings and turn on Auto-create OTP tokens for users.
- To manually create OTP tokens, click Add and specify settings. Then, view the token and send it to the user.
- To view the token assigned to a user, click Information .
- To synchronize the time offset with the server, click Synchronize and type the passcode.