This shows you the differences between two versions of the page.
Both sides previous revision Previous revision Next revision | Previous revision Next revision Both sides next revision | ||
2-factor-authentication [2018/04/18 08:57] ton [LMS] |
2-factor-authentication [2019/03/18 14:00] serbizadmin [LMS] |
||
---|---|---|---|
Line 1: | Line 1: | ||
+ | [[lms-security|{{ :: | ||
====== 2-factor authentication ====== | ====== 2-factor authentication ====== | ||
===== LMS ===== | ===== LMS ===== | ||
- | 1. Login as administrator | + | Steps in activating two-factor authentication on moodLearning-powered learning management system (LMS): \\ |
+ | \\ | ||
+ | ==== Administrator ==== | ||
+ | 1. Login as **Administrator** | ||
2. After a successful login, select now a user you want to use Two-Factor Authentication by navigating your way to //Site Administration// | 2. After a successful login, select now a user you want to use Two-Factor Authentication by navigating your way to //Site Administration// | ||
- | {{: | + | {{ :: |
From here simply click the gear icon on the user to redirect you to the user's profile editing page. | From here simply click the gear icon on the user to redirect you to the user's profile editing page. | ||
- | 3. Next is set the authentication method to **A2FA (Anonther 2-Factor Auth)**. | + | 3. Next is to set the authentication method to **A2FA (Anonther 2-Factor Auth)**. |
- | {{: | + | {{ ::auth1.png?200 |}} |
To generate the QR code for the user, scroll down to **Other fields** and click the //Generate new secret// button | To generate the QR code for the user, scroll down to **Other fields** and click the //Generate new secret// button | ||
- | {{: | + | {{ :: |
- | Then click update profile | + | Then click Update Profile |
- | 4. To check for the generated QR code go to the user's profile you've just updated. | + | 4. To check for the generated QR code, go to the user's profile you've just updated. |
- | {{: | + | {{ :: |
You may now use the snipping tool or any screen capturing tool and send this QR image to your user. Currently sending QR code images are done manually. | You may now use the snipping tool or any screen capturing tool and send this QR image to your user. Currently sending QR code images are done manually. | ||
+ | \\ | ||
+ | \\ | ||
+ | ==== User ==== | ||
+ | 5. If admin failed to send the QR code, the user may click the //Re-send token to your email instead?// after filling in the fields username and password in the login page. | ||
+ | {{ :: | ||
+ | The system will prompt if the link to the token is already sent to the user's email address. | ||
- | 5. After your user received | + | 6. The user will just have to follow |
+ | {{ ::code.png?200 |}} | ||
- | {{: | ||
- | {{: | + | 7. If the user is now in his account, he may just need to go to his profile to scan the QR code with //Google authenticator// |
- | {{:screenshot_20180418-164219.jpg?600|}} | + | {{ :: |
- | After you register the QR code copy the token provided and add this to the token field in the login page. Note that the token is only available for 30 seconds. | + | {{ :: |
- | 6. Now try to login the user with the token provided by the authenticator. | + | {{ :: |
- | {{:token.png?600|}} | + | |
- | + | ||
+ | After the QR code is registered, copy the token provided and add this to the token field in the login page. Again, the token is only available for 30 seconds. | ||
+ | |||
+ | 8. Now try to login the user with the token provided by the authenticator. | ||
+ | {{ :: | ||
+ | \\ | ||
+ | ===== Content Management System===== | ||
+ | A similar measure could be put in place for moodLearning-powered CMS. Example here: | ||
+ | \\ | ||
+ | {{ :: | ||
+ | \\ | ||
+ | ====== See Also ====== | ||
+ | * [[LMS Security]] | ||
+ | |||
+ | ---- |