Add new attachment

Only authorized users are allowed to upload new attachments.

List of attachments

Kind Attachment Name Size Version Date Modified Author Change note
jpg
Clipboard05.jpg 139.3 kB 1 05-Dec-2023 05:32 Ada Csaba
png
Clipboard05.png 116.6 kB 1 05-Dec-2023 05:32 Ada Csaba
jpg
IMG_2500.jpg 191.7 kB 1 05-Dec-2023 05:32 Sandor
jpg
IMG_2501.jpg 464.9 kB 1 05-Dec-2023 05:32 Sandor
jpg
IMG_2502.jpg 52.0 kB 1 05-Dec-2023 05:32 Sandor
png
enable_two_factor.png 42.5 kB 2 26-Feb-2024 03:15 Ben Spink
png
qr_otp.png 1,990.7 kB 1 26-Feb-2024 03:00 Ben Spink
png
servercfg001.png 23.0 kB 5 05-Dec-2023 05:32 Sandor
png
servercfg002.png 54.1 kB 4 05-Dec-2023 05:32 Sandor actualized v10
png
servercfg002.png.png 54.1 kB 1 05-Dec-2023 05:32 Sandor actualized v10
png
servercfg003.png 64.4 kB 4 05-Dec-2023 05:32 Sandor
png
servercfg004.png 43.2 kB 4 05-Dec-2023 05:32 Sandor
png
tokencfg001.png 101.9 kB 2 05-Dec-2023 05:32 Ada Csaba
png
tokencfg002.png 96.2 kB 2 05-Dec-2023 05:32 Ada Csaba
png
tokencfg003.png 37.4 kB 2 05-Dec-2023 05:32 Ada Csaba

This page (revision-53) was last changed on 10-Oct-2024 10:57 by Ben Spink

This page was created on 05-Dec-2023 05:32 by Ada Csaba

Only authorized users are allowed to rename pages.

Only authorized users are allowed to delete pages.

Difference between version and

At line 1 changed one line
In CrushFTP version 10 we can integrate our One Time Password (__[OTP|OTP Settings]__) based authentication feature with Google's and Microsoft's software-based token device __Google Authenticator__ and __Microsoft Authenticator__, using Time based OTP (TOTP). The user can register a QR code into Google Authenticator or Microsoft Authenticator app.\\
CrushFTP has One Time Password (__[OTP/MFA|OTP Settings]__) based authentication feature with Google's and Microsoft's software-based token device __Google Authenticator__ and __Microsoft Authenticator__, using Time based OTP (TOTP) / MFA. The user can register a QR code into their Authenticator app.\\
At line 4 changed one line
You will need to enable one of our __[OTP|OTP Settings]__ methods, using SMS or Mail based OTP, and enable the __Validated logins__ checkbox. The user needs to be able to log in at least once, without OTP, or with the other __[OTP|OTP Settings]__ settings.\\
The config needs the URL set to "SMTP" and the checkbox for "Validated Logins" enabled.\\
At line 8 changed one line
The second step is to configure the user account with __Two Factor Authentication__\\
Next enable the two factor __QR code generator__ which will appear in the user's __User Options__ menu when they are logged in.\\
At line 10 changed one line
[attachments|servercfg002.png]\\
[attachments|enable_two_factor.png]\\
* You can also force two factor registration, then the user has no choice but to enroll in it at their next login. Set the customization flag "Two Factor: force Google Authenticator setup" to true. See the mini animated gif of the process below.\\
At line 12 removed 4 lines
and enable the two factor __QR code generator__ which will appear in the user's __User Options__ menu when they are logged in.\\
\\
[attachments|servercfg003.png]\\
\\
At line 21 changed one line
Then open __Authenticator__ on the mobile device, set up a new account, choose to scan barcode, point the device towards the screen, and read in the QR code. Then save the user settings by clicking the __Confirm__ button in the UI. \\
__This part must be done within 30 seconds or the QR code becomes invalid.__\\
1.) Once they are ready and have the Authenticator app open on their mobile device, they click __Ready To Scan__.\\
2.) Choose to scan the QR code, point the device towards the screen, and let it read in the QR code.\\
3.) Next click __Confirm__ to save the same code to the server's user configuration.\\
At line 24 changed one line
[{Image src='tokencfg001.png' width='272px' height='..' align='left'}] [{Image src='tokencfg002.png' width='272px' height='..' align='left'}] [{Image src='tokencfg003.png' width='272px' height='..' align='left'}]\\
[{Image src='tokencfg002.png' width='272px' height='..' align='left'}] [{Image src='tokencfg003.png' width='272px' height='..' align='left'}]\\
At line 29 changed one line
__WARNING:__ the QR code is valid for one minute, if the time window is missed you will need to generate new, or it will not save. Once a secret key has been saved from the QR code, and confirmed, it can only be reset by a server administrator. It's a one-time process.\\
__WARNING:__ the QR code is valid for 30 seconds, if the time window is missed you will need to generate new, or it will not save. Once a secret key has been saved from the QR code, and confirmed, it can only be reset by a server administrator. It's a one-time process.\\
At line 65 added 9 lines
\\
----
\\
Google Authenticator for Webinterface logins only, enrolling is not possible via FTP, SFTP.
A hidden flag in __prefs.XML__ controls for which protocols OTP should be enabled by default
{{{
<twofactor_secret_auto_otp_enable_protocols>ftp,ftps,sftp,http,https,webdav</twofactor_secret_auto_otp_enable_protocols>
}}}
\\
Version Date Modified Size Author Changes ... Change note
53 10-Oct-2024 10:57 5.279 kB Ben Spink to previous
52 10-Oct-2024 10:54 5.581 kB Ben Spink to previous | to last
51 05-Aug-2024 02:40 5.647 kB Ben Spink to previous | to last
50 05-Apr-2024 10:11 5.625 kB Ada Csaba to previous | to last
49 26-Feb-2024 03:14 5.287 kB Ben Spink to previous | to last
48 26-Feb-2024 03:13 5.282 kB Ben Spink to previous | to last
47 26-Feb-2024 03:11 5.277 kB Ben Spink to previous | to last
46 26-Feb-2024 03:04 5.196 kB Ben Spink to previous | to last
45 26-Feb-2024 03:00 4.949 kB Ben Spink to previous | to last
44 05-Dec-2023 05:32 4.955 kB Sandor to previous | to last
43 05-Dec-2023 05:32 4.951 kB Sandor to previous | to last
42 05-Dec-2023 05:32 4.943 kB Sandor to previous | to last
41 05-Dec-2023 05:32 4.947 kB Sandor to previous | to last
« This page (revision-53) was last changed on 10-Oct-2024 10:57 by Ben Spink
G’day (anonymous guest)
CrushFTP11 | What's New

Referenced by
LeftMenu

JSPWiki