Officer settings: Difference between revisions

From Telcred documentation
Jump to navigation Jump to search
No edit summary
Line 8: Line 8:
=== Second factor OTP ===
=== Second factor OTP ===


Telcred supports more secure login by requiring a so called second factor in the form av an OTP (One Time Password). With OTP activated, an attacker cannot login by simply having access to the username and password. Instead, a one-time-password is also required at every login.
gdgdg

Seconf factor OTP is turned off by default. To activate it, simply change the radio button to 'Yes'.


[[File:2fa-otp.png|Second factor OTP]]
[[File:2fa-otp.png|Second factor OTP]]

The method for second factor OTP supported by Telcred is called TOTP (Time-based One Time Password) and is specified in RFC 6238. There are several mobile and web apps that support this specification, including:
* Google Authenticator
* Microsoft Authenticator
* Twilio Authy

To use the app when logging in, it is first necessary to enter the secret 'seed' by either typing it into the app or scanning the QR code. Once this has been done, the app will generate a new OTP every 30 seconds that needs to be entered when logging in to Telcred Access Manager.

Revision as of 19:25, 2 February 2021

Change password

To change the password, simply enter the old password and the new one (twice).

Change password

Second factor OTP

Telcred supports more secure login by requiring a so called second factor in the form av an OTP (One Time Password). With OTP activated, an attacker cannot login by simply having access to the username and password. Instead, a one-time-password is also required at every login.

Seconf factor OTP is turned off by default. To activate it, simply change the radio button to 'Yes'.

Second factor OTP

The method for second factor OTP supported by Telcred is called TOTP (Time-based One Time Password) and is specified in RFC 6238. There are several mobile and web apps that support this specification, including:

  • Google Authenticator
  • Microsoft Authenticator
  • Twilio Authy

To use the app when logging in, it is first necessary to enter the secret 'seed' by either typing it into the app or scanning the QR code. Once this has been done, the app will generate a new OTP every 30 seconds that needs to be entered when logging in to Telcred Access Manager.