SerbizWiki

2-factor authentication

LMS

Steps in activating two-factor authentication on moodLearning-powered learning management system (LMS):

1. Login as Administrator to the LMS. As admin, you are not required to fill in the token field so you can just leave the token field empty.

2. After a successful login, select now a user you want to use Two-Factor Authentication by navigating your way to Site Administration > Accounts > Browse List of Users:

From here simply click the gear icon on the user to redirect you to the user's profile editing page.

3. Next is to set the authentication method to A2FA (Anonther 2-Factor Auth).

To generate the QR code for the user, scroll down to Other fields and click the Generate new secret button

Then click Update Profile to save the new setting.

4. To check for the generated QR code, go to the user's profile you've just updated.

You may now use the snipping tool or any screen capturing tool and send this QR image to your user. Currently sending QR code images are done manually.

5. If admin failed to send the QR code, the user may click the Re-send token to your email instead? after filling in the fields username and password in the login page. The system will prompt if the link to the token is already sent to the user's email address.

6. The user will just have to follow the link provided in the email then copy the token provided and paste it to the token field in the login page. Beware of the 30 seconds timeout.

7. If the user is now in his account, he may just need to go to his profile to scan the QR code with Google authenticator. Make sure the mobile device is connected to the internet during this process.

After the QR code is registered, copy the token provided and add this to the token field in the login page. Again, the token is only available for 30 seconds.

8. Now try to login the user with the token provided by the authenticator.

Content Management System

A similar measure could be put in place for moodLearning-powered CMS. Example here:

See Also