Officer settings: Difference between revisions
Telcredstaff (talk | contribs) No edit summary |
Telcredstaff (talk | contribs) |
||
(2 intermediate revisions by the same user not shown) | |||
Line 8: | Line 8: | ||
=== Second factor OTP === |
=== Second factor OTP === |
||
Telcred supports more secure login by requiring a so called second factor in the form av an OTP (One Time Password). With OTP activated, an attacker cannot login by simply having access to the username and password. Instead, a one-time-password is also required at every login. |
|||
gdgdg |
|||
Second factor OTP is turned off by default. To activate it, simply change the radio button to 'Yes'. |
|||
[[File:2fa-otp.png|Second factor OTP]] |
[[File:2fa-otp.png|Second factor OTP]] |
||
The method for second factor OTP supported by Telcred is called TOTP (Time-based One Time Password) and is specified in RFC 6238. There are several mobile and web apps that support this specification, including: |
|||
* Google Authenticator |
|||
* Microsoft Authenticator |
|||
* Twilio Authy |
|||
When turning on OTP, a random secret 'seed' is automatically generated. To use the app when logging in, it is first necessary to enter this seed by either typing it into the app or scanning the QR code. Once this has been done, the app will generate a new six digit OTP every 30 seconds that needs to be entered when logging in to Telcred Access Manager. |
Latest revision as of 19:28, 2 February 2021
Change password
To change the password, simply enter the old password and the new one (twice).
Second factor OTP
Telcred supports more secure login by requiring a so called second factor in the form av an OTP (One Time Password). With OTP activated, an attacker cannot login by simply having access to the username and password. Instead, a one-time-password is also required at every login.
Second factor OTP is turned off by default. To activate it, simply change the radio button to 'Yes'.
The method for second factor OTP supported by Telcred is called TOTP (Time-based One Time Password) and is specified in RFC 6238. There are several mobile and web apps that support this specification, including:
- Google Authenticator
- Microsoft Authenticator
- Twilio Authy
When turning on OTP, a random secret 'seed' is automatically generated. To use the app when logging in, it is first necessary to enter this seed by either typing it into the app or scanning the QR code. Once this has been done, the app will generate a new six digit OTP every 30 seconds that needs to be entered when logging in to Telcred Access Manager.