Officer settings: Difference between revisions
Telcredstaff (talk | contribs) |
Telcredstaff (talk | contribs) |
||
| Line 10: | Line 10: | ||
Telcred supports more secure login by requiring a so called second factor in the form av an OTP (One Time Password). With OTP activated, an attacker cannot login by simply having access to the username and password. Instead, a one-time-password is also required at every login. |
Telcred supports more secure login by requiring a so called second factor in the form av an OTP (One Time Password). With OTP activated, an attacker cannot login by simply having access to the username and password. Instead, a one-time-password is also required at every login. |
||
Second factor OTP is turned off by default. To activate it, simply change the radio button to 'Yes'. |
|||
[[File:2fa-otp.png|Second factor OTP]] |
[[File:2fa-otp.png|Second factor OTP]] |
||
Revision as of 19:25, 2 February 2021
Change password
To change the password, simply enter the old password and the new one (twice).
Second factor OTP
Telcred supports more secure login by requiring a so called second factor in the form av an OTP (One Time Password). With OTP activated, an attacker cannot login by simply having access to the username and password. Instead, a one-time-password is also required at every login.
Second factor OTP is turned off by default. To activate it, simply change the radio button to 'Yes'.
The method for second factor OTP supported by Telcred is called TOTP (Time-based One Time Password) and is specified in RFC 6238. There are several mobile and web apps that support this specification, including:
- Google Authenticator
- Microsoft Authenticator
- Twilio Authy
To use the app when logging in, it is first necessary to enter the secret 'seed' by either typing it into the app or scanning the QR code. Once this has been done, the app will generate a new OTP every 30 seconds that needs to be entered when logging in to Telcred Access Manager.