From eScan Wiki
|Revision as of 14:31, 3 May 2020
WikiSysop (Talk | contribs)
← Previous diff
WikiSysop (Talk | contribs)
|Line 1:||Line 1:|
|Two-Factor Authentication (2FA)||Two-Factor Authentication (2FA)|
|The system login password is Single-Factor Authentication which is||The system login password is Single-Factor Authentication which is|
Two-Factor Authentication (2FA)
The system login password is Single-Factor Authentication which is considered unsecure as it may put your organization’s data at high risk of compromise. The Two-Factor Authentication, also more commonly known as 2FA, adds an extra layer of protection to your eScan web console login.
The 2FA feature mandates you to enter a Time-based One-Time Password (TOTP) after entering eScan credentials. So, even if somebody knows your eScan credentials, the 2FA feature secures data against unauthorized logins. Only administrator can enable/disable the 2FA feature. It can also be enabled for added users as well.
To use 2FA login feature, you need to install the Authenticator app for Android devices from Play Store or for iOS devices from App Store on your smart device. The Authenticator app needs camera access for scanning a QR code, so ensure you get an appropriate approval to use device camera in your organization. If a COD or BYOD policy restricts you from using device camera in your organization, enter the Account Key in the Authenticator app.
Ensure that the smart device’s date and time matches with the system’s date and time or else TOTPs generated by app won’t get validated.
We recommend that you save/store the Account Key in offline storage or a paperback copy, in case you lose the account access.
Enabling 2FA login
To enable 2FA login,
1. Go to Settings > Two-Factor Authentication.
2. Open the Authenticator app.
3. Select a preferred option. If you tapped Scan a barcode , scan the onscreen QR code via your smart device. If you tappedEnter a provided key, enter the Account Key and then tap ADD. After scanning the Account QR code or entering Account Key the eScan server account gets added to the Authenticator app. The app then starts displaying a Time-based One-Time Password (TOTP) that is valid for 30 seconds.
4. Click Enable Two-Factor Authentication. Verify TOTP window appears.
5. Enter the TOTP displayed on smart device and then click Verify TOTP. The 2FA login feature gets enabled.
6. To apply the login feature for users, click Manage Other User Settings tab. The tab displays list of added users and whether 2FA status is enabled or disabled.
7. To enable 2FA login for an added user, click the button to green check icon. The 2FA login for added users gets enabled. After enabling the 2FA login for users, whenever they log in to eScan web console Verify TOTP window appears.
Disabling 2FA login
To disable 2FA login,
1. Go to Settings > Two Factor Authentication.
2. Click Disable Two-Factor Authentication. Verify TOTP window appears.
3. Enter the TOTP and then click Verify TOTP. The 2FA feature gets disabled.
After disabling the 2FA feature and enabling it again, the 2FA login status will be reinstated for added users.