![]() ![]() If the Time-Based One-Time Password tool is disabled, CloudAccess no longer prompts the users for an OTP at login. The information is stored with the user’s object if the user’s identity object is disabled. This information is deleted automatically if a user’s identity object is permanently deleted from the identity source. Information about a user’s registered device and secret key is part of the user’s identity information in the identity source. To revoke access for a registered device that is lost or stolen To allow the user to register a different device Each session requires only a single successful authentication. On successful authentication, you can access the apps icons for the authorized services and resources associated with your user identity. Google Authenticator generates a new OTP every 30 seconds. If you enter the password incorrectly, you can try again with the same password until it times out. Use Google Authenticator to generate a new one-time password, and enter the code on the CloudAccess One-Time Authentication Code page. Otherwise, CloudAccess displays the page when you first click any one of the applications that require it. If all applications require two-factor authentication, the One-Time Authentication Code page appears and prompts you to enter the code. On the login page, enter your network user name and password (your normal identity source login credentials).ĬloudAccess verifies the credentials against a defined identity source. To log in to CloudAccess using two-factor authentication:Īccess CloudAccess, either directly or through a SAML2 redirect. Access is granted only for the duration of that session. To log in to your account from the mobile device, log in to CloudAccess as described in Using Two-Factor Authentication at Login. The code might not validate if you enter an expired code, you do not enter a code, you mistype the code, or you make an error when setting up the secret key for the account in Google Authenticator. You can generate a new code, and try again. If the code does not validate, the registration page is redisplayed with the current secret key. On the computer on the One-Time Authentication Code page, type the OTP, then click Sign In.ĬloudAccess confirms that the mobile device is registered, and the login is successful. On the mobile device, view the 6-character code that Google Authenticator displays for CloudAccess. Type the 16-character secret key that appears on the CloudAccess One-Time Authentication Code page. In the Appliances pane, a green gear icon spins on top of each node until the activation is complete across all nodes in the cluster. Do not attempt other configuration actions until the activation completes successfully. Wait while the service is activated across all nodes in the cluster. When a user registers an authentication device, the device and authentication codes apply to all TOTP-enabled applications.Ĭlick OK to save the setting and enable the TOTP tool.Ĭlick Apply to activate the TOTP configuration. ![]() Shorter validity times are considered more secure.Ĭlick the Applications tab, then select the check box next to one or more applications to enable them for TOTP.īy default, no applications are enabled for TOTP. ![]() Log in with an appliance administrator account to the administration console at appliance_dns_name/appliance/index.html.ĭrag the TOTP Tool icon from the Tools palette to the Tools panel.Ĭlick the TOTP icon on the Tools panel, then click Configure. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |