Setting up two-factor authentication

Posted by David Mc Nally. Last updated: Mon, Mar 16, 2015

What is two-factor authentication

With two-factor authentication you use two two different pieces of information to authenticate yourself when logging in to an account.

Instead of just using two passwords a physical device is used to generate a one time password as one of the two pieces of information. In Ubivox the physical device may be an app on a mobile phone or a USB key.

When logging in you first supply your username and password as usual. Afterwards you are asked to fill in a one time password generated by your physical device.

Why you should use two-factor authentication

When using two-factor authentication a simple password theft is not enough to get access to an account. The thief would also need to steal the physical device which makes getting access even harder.

Data protection laws mean that you should keep your subscriber data in Ubivox very safe and two-factor authentication can help with this.

Chosing your two-factor authentication solution

When setting up two-factor authentication you should first consider which solution you prefer.

Yubikey

A Yubikey is a physical USB device you plug in to your computer. The Yubikey has a single button sending a one time password to Ubivox.

Yubikeys can be bought online at Yubico. We recommend either a Basic Standard or Basic Nano key.

Please note, even though the names sound similar there is no association between Ubivox and Yubico. We have just chosen to implement their two-factor authentication mechanism since we like the way it works.

TOTP apps on your smartphone

With a smartphone running either Google Authenticator or Authy you can use the app to create a one time password to log in. Both apps exist for Android, iOS and Windows Phone and a Google account is not needed to use Google Authenticator.

This is the solution we recommend if you have a smartphone and prefer the simple management of using an app for password generation.

Setting up

Go to Account > USers & Security and click the button Configure two-factor authentication.

Chose the type of two-factor authentication you wish, and fill in the Policy for disabling two-factor authentication.

This policy is very important. If you lose your two-factor device and contact Ubivox to have two-factor authentication disabled we will use this policy to dertermine if we should do as we have been asked. The policy is needed to make sure that for instance a disgruntled ex employee can not have the extra layer of security disabled and gain access to your account.

We recommend you fill in information on how to contact an employee at your office who can confirm the request to disable two-factor authentication, including an up to date phone number or e-mail address.

When all has been filled in click Save changes.

Depending on the solution you have chosen a new tab will be added to your settings page.

If you have TOTP enabled you will get the option of sending information on how to enable TOTP two-factor authentication to each of your users. They will receive an e-mail with a link which they should open on their computer with their phone ready.

The link will look like this and scanning it with Authy or Google Authenticator will install the necessary information on the phone.

Fill in the first one time password on the page and click Verify.

If you have Yubikey enabled you will get the option of registering a new Yubikey to the user. Click the button and put the Yubikey into a USB port.

Push the golden button if using a Basic Standard key and touch the edge of the key if using a Basic Nano. A one time password will be entered into the text field and after clicking Register the key is ready to use.

Activating two-factor authentication

Click the Settings tab and click the blue Activate link in the top of the page. Click Confirm and you are now ready to log in using your phone or Yubikey.

Using two-factor authentication

After enabling two-factor authentication log in as you usually do using your username and password. You will be asked to supply a one time password. Start your TOTP app on your phone and fill in the six digits or plug in your Yubikey and press the button. You will now be logged in to your Ubivox account.

Disabling two-factor authentication

Go to Account > USers & Security and click the button Configure two-factor authentication.

Click "Deactivate" and Confirm.


What next?

Read more articles on these subjects: Account, User

Keywords

See other articles with these keywords:


Languages

See this article in:


About the author

David Mc Nally
Head of Customer Care

In charge of customer relations, primarily acting as head support guru. Proficient in technology and usability. And diving.


Further questions

Do not hesitate to contact us if you have any questions.

Start livechat
Write e-mail