email: support@optinium.co.uk | tel: 0845 004 1455
 

Two Factor Authentication

Overview


What is Two Factor Authentication?

Two-step verification is an optional but highly recommended security feature that adds an extra layer of protection to your Optinium Control Panel account. Once enabled, you will be required to enter a six-digit security code in addition to your password whenever you sign in.

The six-digit security code is generated by an authenticator application, which generates Time-based One-Time Passwords (TOTP). Any app that supports TOTP should work.

How do I enable/disable Two Factor Authenitcation

Log into your Optinium Control Panel account and under the "Users" section of your Control Panel, click on any user. Under the section "Two Factor Authentication" click on "Setup Two Factor Authentication". When setting up the authenticator app, you can either scan a QR-code, or enter the secret key manually. When manually setting up the account, make sure you choose a Time-Based configuration.

You can disable Two Factor Authenication in the same way.

Which authenticator apps can I use?

Any application that supports Time-based One-Time Passwords (TOTP) can be used for two-step verification. Here are some apps you could install:

After entering my username and pasword I'm asked for a security code. Now what?

After entering your user name and password, you'll be asked to enter you "Two Factor Authentication Code". In most cases, just launching the application will generate a new code. You should refer to your application's documentation for specific instructions. You should enter this code to gain access to your account.

In most cases, a new code is generated every 30 seconds after which the previous one expires, so you should make sure you enter the code immediately. If you cannot gain access to your account after repeated attempts, please contact your System Administrator. Your account will be locked after ten unsuccessful attempts.

What if I can't generate a security code?

During the two factor authentication set up process, you willl receive a backup security code. It is very important that you write the code down and keep it safe.

If you ever accidently delete the authenticator app, have an empty phone battery, lose your phone, or some other reason why you cannot cannot generate a security code, you will need this backup security code to sign into your Optinium Control Panel account.

When signing in, you will be asked to enter your 6-digit security code. If you cannot generate it, please contact us.

What if I don't have or want to use a smartphone?

A smartphone with an authenticator app makes it very easy to use two factor authentication, but in principle you can use any application that is capable of generating Time-based One-Time Passwords. For example, the OATH Toolkit allows you to generate security codes from the command line.

Can I disable Two Factor Authentication after enabling it?

Yes. Two Factor Authentication is an optional but recommended security feature. You can disable the functionality on the User page of your Optinium Control Panel account by clicking the button "Disable Two Factor Authentication".