In CrushFTP version 9 we can integrate our One Time Password (__[OTP|OTP Settings]__) based authentication feature with Google's software based token device __Google Authenticator__ , using Time based OTP (TOTP). The server provides a 80-bit secret key , on a per user basis, as a QR code, that can be imported using Authenticator's QR reader.\\
\\
!!!Server side configuration\\
Will need to enable one of our __[OTP|OTP Settings]__ methods, using SMS or Mail based OTP, and enable the __Validated logins__ checkbox. The user needs to be able to log in at least once, using conventional __[OTP|OTP Settings]__.\\
\\
[attachments|servercfg001.png]\\
\\
The second step is to configure the user account with __Two Factor Authentication__\\
\\
[attachments|servercfg002.png]\\
\\
and enable the __QR code generator__ in it's __User Options__ menu\\
\\
[attachments|servercfg003.png]\\
\\
\\
!!!Client / token device configuration\\
\\
The user will need to log in using conventional __[OTP|OTP Settings]__, generate the QR code form the client UI __User Options__ menu.\\
\\
[attachments|servercfg004.png]\\
\\
Then open __Authenticator__ on the mobile device, set up new account, choose barcode, point the device towards the screen, read in the QR code. Once all set, tap the entry on the screen to generate the one time password to be used. Valid for 30 seconds.\\
 \\
[{Image src='tokencfg001.png' width='272px' height='..' align='left'}][{Image src='tokencfg002.png' width='272px' height='..' align='left'}][{Image src='tokencfg003.png' width='272px' height='..' align='left'}]\\
\\
!!WARNING: __the QR code is valid for one minute, if missed the time window, will need to generate new, or it will not save. Will need to incadrate within this time frame to generate the QR code, read it in by Authenticator and save the user settings.__\\
\\
Once all set, we will use only the one time password generated