Two Factor Authentication (2FA) using one time password
Enable 2FA
Admin users can enable two factor authentication for users by turning on the feature “Use One Time Password (2FA)” as explained in Enable two factor authentication for users .
This only affects web login including admin system and client when using modern sign-in.
Pair a device
First time the user, with 2FA enabled, sign in she is prompted with a pair devise page.
The user can use any app that supports the Time-based one-time password (TOTP) protocol. Like Google Authenticator (Play Store or App Store) or Microsoft Authenticator (Play Store or App Store).
These apps normally have an “Add account” menu option where you can scan the QR code provided by dRofus. Once this is set up you can press “Click here to continue”.
Logging in with 2FA
After 2FA is set up, whenever the user signs in after she has entered the username and password, she will be prompted for a one-time password. Open the app you paired your dRofus account with and click on the account and a one time password is shown.
If you check the option “Keep me signed in on this device“ you will not have to go though this step until you choose to sign out.
“Lost device”
If you have lost your phone or need to reset / pair a new device the only option currently is to contact your dRofus administrator and ask them to reset the 2FA in the admin system. You are then prompted with the “pair a device” step again.