Search

MachPanel Knowledgebase

HOW TO:Two-factor authentication (2FA)

Mudesira Munir
MachPanel

Summary

This article provides summary on how you can configure Two Factor authentication (2FA) in MachPanel.

Applies To
This article applies to MachPanel Build v6 and above.
Two Factor Authentication (2FA):
Two Factor Authentication, also known as 2FA, two step verification or TFA (as an acronym), is an extra layer of security that is known as "multi factor authentication" that requires not only a password and username but also something that only, and only, that user has on them, i.e. a piece of information only they know.
  • To Configure 2FA settings in MachPanel, navigate to the following path: Home » System Configuration » 2FA Settings
  • Check Enabled

 

For 2FA Settings Authenticate Using following:

  1. Send PIN through Email
  2. Send PIN through SMS
  3. Authenticator App
Send PIN through Email:

Select PIN expires in Minutes. Save Settings

Send PIN through SMS

For this option you have to provide Twilio API Settings.

  1. Account SID: Here provide the twilio Account SID.
  2. Auth Token: Provide twilio account authentication token
  3. Number: Provide your number.
  4. Twilio API URL: Provide the Twilio API URL.

SMS Templates
Add "Templates" for the PIN SMS to be sent. See snapshot below:

Authenticator App

Authenticator App is used to enable Google Authentication in MachPanel.

  1. How Login Works
    1. 1st time login
      1. After password is verified
      2. User is shown a QR code
      3. User will scan QR code using any app, suggested apps are (Google Authenticator, Authy 2-Factor Authentication)
      4. When QR code is scanned, user will get 6-digit auth code in application.
        1. Warning: Code changes in 30 seconds.

           

        2. 6-digit TOTP Code in application

             3. In case user account is duplicated, then latest one will be valid.

         

      5.   ​User will input code, if code is accepted user is logged in.
    2. Returning user login
      1. Same as 1st time login but no need to scan QR code.
      2. User just needs to enter code from his mobile app.

         

    3. Reset Google Authenticator
      1. Needed in case user lost his device, or reinstalled app and does not have code available.
      2. Click on Reset Google Authenticator link.
      3. Enter email address to get secret key on your registered email address.
Details
Type: HOW TO
Level: Intermediate
Last Modified: 2 Months Ago
Last Modified By: mudesira.munir
Rated 5 stars based on 1 vote
Article has been viewed 4.8K times.
Options
Also In This Category
Tags