Skip to content

Configure multi-factor authentication

Multi-factor authentication ensures that only users with trusted devices can log on. To provide multi-factor authentication, you configure the OTP service. Then, end-users scan tokens and obtain passcodes using an authenticator application.

Introduction

To use two-factor authentication, you need to:

  • Turn on the OTP service and specify settings.
  • Scan tokens and obtain passcodes using an authenticator application on the client.

Specify OTP service settings

First, you turn on the OTP service. Then, to maximize the protection this type of authentication offers, you require all users to use it. You also specify the features for which two-factor authentication is required.

The following steps are executed on the firewall.

  1. Go to Authentication > One-time password and click Settings.
  2. Specify the settings.

    Option Value
    One-time password On
    OTP for all users On
    Auto-create OTP tokens for users On
  3. Enable OTP for WebAdmin and User portal.

  4. Click Apply.

Obtain a token and passcodes

Users scan the OTP token through the user portal using an authenticator application. The authenticator then provides passcodes.

Users must do as follows:

  1. Download for Android or for iOS on a mobile device.
  2. Sign in through the user portal. The user portal shows the OTP token.

    QR code and key

  3. Scan the OTP token using an authenticator application. The authenticator application begins creating passcodes.

    Passcode on an authenticator app

  4. Go to user portal again and sign in by typing the password using the following format: <user_password><generated_passcode>

More resources

Back to top