Two-Step Verification
Revision as of 13:56, 19 March 2015 by TCAWiki (talk | contribs) (→All generated tokens are expired)
Contents
Configuration
- Install Google Authenticator on your smartphone. You may use other TOTP software or hardware.
- Log in to TCAdmin.
- Select "Account Security" from the menu options.
- Select the "Two-Step Verification" tab.
- Check "Enable two-step verification"
- If you want to enable two-step for FTP access check "Enable two-step verification for FTP connections". If you enable this option configure your FTP client to send the password in the following format: YourPassword#GeneratedToken
- Type the verification key in Google Authenticator or other software/hardware. If your software has scanning capabilities you can scan the QR-code.
- Generate a token and type it in the "Generated Token" field.
- Click on Save.
Common Errors
All generated tokens are expired
The token is generated based on the current time and is valid for 30 seconds. An expired token is usually caused by incorrect date or timezone configuration on the server.
Use NTP to synchronize your date and time:
- Linux http://www.howtogeek.com/tips/how-to-sync-your-linux-server-time-with-network-time-servers-ntp/
- Windows http://www.guidingtech.com/3119/windows-clock-sync/
User lost his verification key
You can disable two-step verification by selecting the user, select the "Actions" tab and click on "Disable two-step".
Admin lost his verification key
Start the monitor in console mode. Execute this command in the console:
disable-two-step Admin