Introduction

Two-factor Authentication enables OpenSpecimen customers to implement an additional security layer to protect user accounts from being hacked. When 2FA is configured, users will need to enter an additional One Time Password (OTP) along with the user name and password. This is a system-level configuration and applies to all the users.

The OTP is generated using a mobile app like Google Authenticator, Duo, Microsoft Authenticator, etc., installed on the user's mobile app.

...

Enabling 2FA as Super Admin

...

1. Download Authenticator App on your mobile phone.

2. Go to the OpenSpecimen login page and click on 'Reset OTP Secret Code?'

   

3. Enter your OpenSpecimen login name inside the area shown in the red box below and click on the 'Email Reset OTP Secret Code link.'

   

4. A mail will be sent to your registered email id, as shown below. Click on ‘Reset my OTP secret code’.

   

5. An email will be sent to you with a secret code and QR code.

   

6. Open the Authenticator app on your device and select either ‘Enter a setup key’ or ‘Scan a QR code.’

   1. Add account name “OpenSpecimen Test” or “OpenSpecimen Prod”

   2. Enter or scan the secret code/key

   3. Select ‘Time-based’ value

   4. Click on ‘Add account.’

7. For more details on setting an account on the Authenticator app, you can refer to this video.

8. Once successful, you will notice that a six-digit OTP code is displayed in the app.

Login via OTP

Once 2FA is configured, you have to enter the six-digit OTP code from your Authenticator app along with your login id and password to login into the OpenSpecimen.

...