¶ About Two-factor Authentication
Two-factor authentication (2FA) is a security process that enhances the protection of online accounts by requiring two forms of verification before granting access. The first factor is typically something the user knows, like a password, and the second factor is something the user possesses, such as a smartphone or a hardware token. By combining these two elements, 2FA significantly reduces the risk of unauthorized access and adds a layer of security that helps protect sensitive information from cyber threats.
With the latest updates, our IaaS Cloud now supports 2FA methods. This feature can be enabled globally, by domain, or individually for each user. You can choose from various authenticators and adjust the configurations to meet your specific needs, ensuring ease of setup and use while complying with security and compliance policies. So, without further ado, let's get started.
¶ Before you start
To complete the actions below, you must have:
- A user with domain admin permissions. For more information, read our Accounts chapter.
- Logged into your account.
¶ Getting Started
¶ Enabling Two-Factor Authentication
By default, 2FA is disabled on all domains. As a domain admin, you must enable it before other users can use it. To enable 2FA, simply follow these steps:
1. Navigate to Domains and select either the root domain or the subdomain for which you want to enable 2FA.
2. Click on the Settings tab and search for "two-factor authentication" to access the 2FA configuration options.
3. Click the Edit button for the enable.user.2fa setting, change the value to true, and save your changes.
4. Optionally, you can also edit the mandate.user.2fa setting to enforce 2FA for users.
If the user has not set up 2FA yet, they must do so in a designated panel immediately after entering their password, before completing the login process in the IaaS Cloud platform.
5. Click OK after editing the settings to apply the new configurations immediately.
¶ Setting Up Two-Factor Authentication
After enabling 2FA for all domains or specific subdomains, all users within those domains can utilize this method. To set up 2FA as a user, follow these steps:
1. Navigate to the top right corner, click on your Username and then select Profile.
2. Now, click on Setup User Two-Factor Authentication in the top right action toolbar.
3. Select a Provider from the list and click on Setup. For this tutorial, we're going to choose Other TOTP Authenticators.
If none of the available providers meet your configuration requirements, please contact us. We can discuss your needs and explore options for adding custom providers if necessary.
4. Next, open your TOTP application on your mobile device. Scan the QR code or enter the setup key manually.
5. Enter the 2FA code displayed in the app and click the Verify button to complete the setup.
6. Once you've finished setting up 2FA, log out and log back in to test it.
7. After entering your initial credentials, you will be redirected to the 2FA window. Input the code from your app and click Verify to access the IaaS Cloud dashboard.
¶ Conclusion
Congratulations! You've successfully configured 2FA for your IaaS Cloud platform. By implementing this additional layer of security, you've significantly bolstered the protection of your domains and users against unauthorized access. These steps mark an important enhancement to your security posture within our platform. Whether you're managing at a global scale or tailoring settings for specific users, our platform offers flexibility and robust security options to meet your organization's needs.
Explore more of our platform's capabilities by delving into our other security features and configurations. You can explore other Tutorials or look into specific chapters from our comprehensive Overview to further enhance your cloud experience.
If you have any questions or encounter issues, please don't hesitate to contact our support team. We're here to assist you every step of the way. Enjoy your journey with our IaaS Cloud and make the most out of its robust features!