Got feedback or spotted a mistake?

Leave a comment at the end of this page or email contact@krishagni.com

Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 24 Next »

Introduction

Two-factor Authentication enables OpenSpecimen customers to implement an additional security layer to protect user accounts from being hacked. When 2FA is configured, users will need to enter an additional One Time Password (OTP) along with the user name and password. The OTP is generated using a mobile app - Google Authenticator - installed on the user's mobile app.

Two-factor Authentication is available only for the EE version.

Enabling 2FA as Super Admin

 Click here to expand...

Prerequisites

  • Email configuration: Before enabling the 2FA feature, ensure that email configuration is completed in the OpenSpecimen server.

  • Email notification: Furthermore, enable email notification at both system and user-level.

Configuring 2FA

  • Install the 'Google Authenticator' app beforehand on your android or apple device.

  • There is a bug in OpenSpecimen version 8.0.x., which was fixed in 8.1. In the ‘settings’ under the Authentication tab, instead of ‘Two Factor Authentication,’ you will find the property name for 2FA as ‘settings.auth.otp_auth’.

  • From OpenSpecimen version 8.1, an additional QR code is also provided for 2FA configuration.

  1. By default, the 2FA is disabled. To enable this feature go to Settings → Authentication → Two Factor Authentication and ‘Enable’ it.

Enabling 2FA as a User

  1. Download Google Authenticator App on your mobile phone.

  2. Go to the OpenSpecimen login page and click on 'Reset OTP Secret Code?'

  3. Enter your OpenSpecimen login name inside the area shown in the red box below and click on the 'Email Reset OTP Secret Code link.'

  4. A mail will be sent to your registered email id, as shown below. Click on ‘Reset my OTP secret code’.

  5. An email will be sent to you with a secret code and QR code.

  6. Open the Google Authenticator app on your device and select either ‘Enter a setup key’ or ‘Scan a QR code.’

    1. Add account name “OpenSpecimen Test” or “OpenSpecimen Prod”

    2. Enter or scan the secret code/key

    3. Select ‘Time-based’ value

    4. Click on ‘Add account.’

  7. For more details on setting account on google authenticator app, you can refer to this video.

  8. Once successful, you will notice that a 6 digit OTP code is displayed in the app.

Login via OTP

Once 2FA is configured, you have to enter the 6 digit OTP code from your Google Authenticator app along with your login id and password to login into the OpenSpecimen.

  1. Go to the OpenSpecimen login page and enter your login name and password.

  2. Open the Google Authenticator app on your device and copy the 6 digit OTP from it.

  3. Enter the OTP to the login page and click on 'Sign in.'

  • No labels
Got feedback or spotted a mistake?

Leave a comment at the end of this page or email contact@krishagni.com