Introduction
Two-factor authentication adds an extra layer for secured access. Activating is simple as from OpsRamp Console, you need to click the Activate option from the USER DETAILS screen to activate Two-Factor Key. The Activate option lets you select the type of Two-Type authentication mechanism for that user.
Activate two-factor key
To activate the two-factor Key:
- Go to Setup > Accounts > Users, select a user.
USER DETAILS screen appears. Two-factor authentication appears disabled (OFF). - From the USER DETAILS scree, toggle two factor authentication to
Enable(ON) and click Activate. - From the Activate Two-Factor Authentication screen, select one of the following:
- YUBICO Authenticator – A YubiKey is a small hardware device that offers two-factor authentication with a simple touch of a button.
- TOPTP Authenticator – Time-based One-time Password Algorithm (TOTP) is an algorithm that computes a one-time password from a shared secret key and the current time.
- U2F-FIDO Universal 2nd Factor – U2F is an open authentication standard that enables internet users to securely access any number of online services, with one single device, instantly and with no drivers or client software needed.
- If you have selected YUBICO Authenticator, perform the following steps to activate the Two-Factor Key:
- Select YUBICO Authenticator.
- Insert the YubiKey.
- Touch the YubiKey button.
A 44 character one-time password gets generated.
YUBICO Authenticator
- If you have selected TOTP Authenticator, perform the following steps to activate the Two-Factor Key:Prerequisite: Install a Third-Party application that supports TOTP in your smartphone. The application generates passcodes for login and can receive push notifications for easy, one-tap authentication.
The following applications support TOTP:- Google Authenticator
- Windows Authenticator
- DUO Authenticator
- Authy Authenticator
- Select TOTP Authenticator.
- Configure the account on your two-factor authentication application and add your account by scanning the verification code.
- After scanning the barcode, enter the 6-digit verification code generated by the Authenticator application.
TOTP Authenticator
- If you have selected U2F-FIDO Universal 2nd Factor Authenticator, perform the following steps to activate the Two-Factor Key:
- Select U2F- FIDO Universal 2nd Factor.
- Insert the FIDO U2F in the USB slot on the device.
- Touch the FIDO U2F after FISO U2F starts blinking.
The FIDO security key is now successfully activated.
After activating the two-factor, Activate Two-Factor Key displays a deactivate option.
Important
- You can click Disable Two-Factor key from options displayed in the Actions drop-down to disable Two-Factor authentication for a user.
- If you are a Partner administrator with Two-Factor authentication enabled and activated, OpsRamp re-authenticates your two-factor key before deactivating and disabling any user. With this security check, OpsRamp authorizes your actions and avoids threats such as session hijacking.
- Three unsuccessful attempts for Two-Factor authentication redirects to the login page.