Two Factor Authorization (TFA) instructions
Two Factor Authorization (TFA) setup[edit | edit source]
- TFA is a second-level authoriization for additional security.
- It requires use of an "Authentication App"
- either on a cell phone or desktop computer
TFA General Instructions[edit | edit source]
Step by step guide to activate user account[edit | edit source]
1. Log in using your user name provided by email[edit | edit source]
- When you open the site, you should be on the login page
- if not, select "Login" from the upper right
Login button is at the top right
NOTE: Wiki logins are under user names and not email addresses![edit | edit source]
- Your user name has been emailed to you
- You will not enter your emial address to log in
- you should, however, verify your email address so that you can reset passcode, etc.
3. Set Two Factor Authorization (TFA) for site access[edit | edit source]
To access site pages you will need to set Two-Factor Authorization (TFA)
- easiest is to use a TFA app on your cell phone
Overview of steps to set TFA:
- You will need an "Authenticator app" on your phone to manage your TFA logins
- Enable TFA on this site in your user preferences.
- Scan the QR code on your preferences page using your authenticator app
- Enter the "token" (code number) from the authenticator app into your TFA setup on your preferences page
- Log in again, this time using the token (code number) from your authenticator app
4. Authenticate your email address[edit | edit source]
- Please authenticate your email address. If you don't have an email form the system, go to Preferences/ User profile/ Email options to set or change your email address and send and to authentication message.
Detailed instructions[edit | edit source]
Step 1: Download a two-factor authentication program[edit | edit source]
Mobile TFA apps (all free)[edit | edit source]
Click "expand" for details:
File:Account-activation 04e.jpg Authenticator Apps for cell phones are available on Windows, Mac, IOS, or AndroidMobile Apps - Google authenticator app (PlayStore)
- iOs 16 has TFA built in to the system
- otherwise, Google & Microsoft authenticator apps are available on iOS
- Open source: FreeOTP (from RedHat)
- here for the various FreeOTP operating system versions on github
- including "jelling-windows" which mirrors the mobile app on desktop
- here for the various FreeOTP operating system versions on github
- Microsoft Authenticator App for Android and iOS:
- Microsoft Mobile Phone Authenticator App | Microsoft Security (with links to Apple & Google app stores)
Oracle Authenticator App for mobile or desktop (free)[edit | edit source]
- MOBILE: download through your App Store (Android/Apple)
- search for "Oracle Mobile Authenticator" and it will show
- WINDOWS DESKTOP: go to Store
- for installation, see Oracle Authenticator desktop installation shot step-by-step explanation
Running mobile & desktop FTA simultaneously[edit | edit source]
- you can set two TFA apps to run at the same time
- as in one on your cell phone, the other on your desktop
- just use the same "Secret Key" for both and then make sure they are producing the same token (temporary number)
Step 2: Enable Two-Factor Authorization (TFA) on your user preferences page[edit | edit source]
Click "expand" for details:
File:Account-activation 06.jpg Go to your Special:Preferences page at the link to the top right under the user iconEnable TFA on your User/Preferences page - Click on drop-down menu and select "Preferences"
- Under "Basic Information," go to the last option in that box, "Two-factor authentication"
- click on "Manage" button
- then click on "Enable TOTP (one time token)" button
- You will then be asked to log in again
- Then you will see "Enable TOTOP (one-time token)" page
- using your Authenticator app, scan the QR code
- or you can use enter the "secret key" manually
- Your Authenticator app will then show "Site Name:
[user name]- and display a number (your TFA "token") that will last 20-30 seconds.
- On the page it will show "Step 3"
- Record securely the "Two-factor authentication secret key" and "Scratch codes"
- you can use these to set the same TFA authorization on another app or device
- and if you lose access to that device or app, you can re-set TFA on your app.
- In order to change your secret key you will have to start over again under User/Preferences
- and you will need to enter the TFA token to make any changes
- Record securely the "Two-factor authentication secret key" and "Scratch codes"
- Admin can reset your TFA TOTP if you get stuck
Step 3: Enter the token into the "Verification" box[edit | edit source]
- the entry box is labelled on the page "Step 4: Verification"
- the box instructions read, "Enter a code from your authentication device to verify"
- using your Authenticator app, enter the current "token" number
- hit "Submit"
Your are now good to go!
- your login will remain active on the same device until cookies are cleared
- logging in on a new device or browser will require TFA
Email address authentication[edit | edit source]
In order to recieve account change and other notifcations (which you can control), please authenticate your email address. Go to Preferences/ User profile/ Email options to set or change your email address and send and to an authentication message.
User Rights[edit | edit source]
- Now that you have set up TFA, you will have full read/write/edit and image or document upload rights.
- Some pages are locked to Admin edit only, so let us know any suggested changes on pages you cannot edit (such as this page).
- Session cache
- you will not have to re-enter the TFA Token unless you change browsers, clear cookies, or use another device.
Help![edit | edit source]
Call, text, or email Michael Bromley