This shows you the differences between two versions of the page.
Both sides previous revision Previous revision Next revision | Previous revision Next revision Both sides next revision | ||
2-factor-authentication [2018/04/18 08:54] ton [LMS] |
2-factor-authentication [2019/01/31 01:50] serbizadmin |
||
---|---|---|---|
Line 1: | Line 1: | ||
+ | [[lms-security|{{ :: | ||
====== 2-factor authentication ====== | ====== 2-factor authentication ====== | ||
===== LMS ===== | ===== LMS ===== | ||
- | 1. Login as administrator | + | Steps in activating two-factor authentication on moodLearning-powered learning management system (LMS): \\ |
+ | \\ | ||
+ | |||
+ | 1. Login as **Administrator** | ||
2. After a successful login, select now a user you want to use Two-Factor Authentication by navigating your way to //Site Administration// | 2. After a successful login, select now a user you want to use Two-Factor Authentication by navigating your way to //Site Administration// | ||
- | {{: | + | {{ :: |
From here simply click the gear icon on the user to redirect you to the user's profile editing page. | From here simply click the gear icon on the user to redirect you to the user's profile editing page. | ||
- | 3. Next is set the authentication method to **A2FA (Anonther 2-Factor Auth)**. | + | 3. Next is to set the authentication method to **A2FA (Anonther 2-Factor Auth)**. |
+ | |||
+ | {{ :: | ||
+ | |||
+ | To generate the QR code for the user, scroll down to **Other fields** and click the //Generate new secret// button | ||
+ | |||
+ | {{ :: | ||
- | {{:auth1.png?600|}} | + | Then click Update Profile to save the new setting. |
- | To generate | + | 4. To check for the generated |
- | {{:generate.png?600|}} | + | {{ ::qr_code.png?200 |}} |
- | Then click update profile to save the new setting. | + | You may now use the snipping tool or any screen capturing tool and send this QR image to your user. Currently sending QR code images are done manually. |
- | 4. To check for the generated | + | 5. If admin failed to send the QR code, the user may click the //Re-send token to your email instead?// after filling in the fields username and password in the login page. |
+ | {{ :: | ||
+ | The system will prompt if the link to the token is already sent to the user' | ||
- | {{:qr_code.png?600|}} | + | 6. The user will just have to follow the link provided in the email then copy the token provided and paste it to the token field in the login page. Beware of the 30 seconds timeout. |
+ | {{ ::code.png?200 |}} | ||
- | You may now use the snipping tool or any screen capturing tool and send this QR image to your user. Currently this done manually via email. | ||
- | 5. After your user received the QR code, it is now required for the user to download the Google authenticator app to scan and register | + | 7. If the user is now in his account, he may just need to go to his profile |
- | {{:screenshot_20180418-164010.jpg?600|}} | + | {{ :: |
- | {{: | + | {{ :: |
- | {{: | + | {{ :: |
- | After you register | + | After the QR code is registered, |
- | 6. Now try to login the user with the token provided by the authenticator. | + | 8. Now try to login the user with the token provided by the authenticator. |
- | {{: | + | {{ ::token.png?200 |}} |
- | + | \\ | |
+ | ===== Content Management System===== | ||
+ | A similar measure could be put in place for moodLearning-powered CMS. Example here: | ||
+ | \\ | ||
+ | {{ :: | ||
+ | \\ | ||
+ | ====== See Also ====== | ||
+ | * [[LMS Security]] | ||
+ | ---- |