User Tools

Site Tools


Sidebar

Announcement

Ahsay Backup Software

Backup Set Types

Supported Storage

Features in OBM / ACB

Features in CBS

Brand and Customize

License

Documentation

Performance Testing

FAQs and Known Issues

Can't Find What You Need?

public:mfa

[V8] Multi-Factor Authentication

Why You Need It

We have received quite some cases from our partners that when their end customers' machines were being hacked, the hackers also entered their OBM / ACB client backup software and removed their backup set data from OBM/ACB > Utitilies > Delete Backup Data.

Therefor, to remove such loophole and to further enhance the security for our Ahsay Backup Software , starting from version 8.3 to v8.7.x.x, Twilio has been integrated in Ahsay for providing Multi-Factor Authentication (MFA) to system and backup users. When MFA is enabled to a system or backup user account, the user is required to enter SMS passcode during each login process besides entering the Username and Password.

Configuration of Twilio on AhsayCBS

First of all, you need to create an account on Twilio's platform. After having an account, get a number from Twilio for sending out SMS message.

ahsay_mfa_01.jpg

ahsay_mfa_02.jpg

ahsay_mfa_03.jpg

After getting a phone number for sending SMS, go to Settings.

ahsay_mfa_04.jpg

ahsay_mfa_05.jpg

ahsay_mfa_06.jpg

Under API Credentials, enter the LIVE Credentials (Account SID and Auth Token) and your Twilio phone number into AhsayCBS > System Settings > Basic > Multi-Factor Authentication (MFA).

ahsay_mfa_07.jpg

ahsay_mfa_08.jpg

Click the green Save button.

ahsay_mfa_09.jpg

Enter a phone number for receiving passcode thru SMS sent from Twilio. Then, click the Tick button.

ahsay_mfa_10a.jpg

You should be able to receive an SMS like this.

ahsay_mfa_11.jpg

Enter the passcode into the following screen, then click the Tick button.

ahsay_mfa_12.jpg

You should be able to see this message: “Test completed successfully”, meaning Twilio has been configured successfully on your AhsayCBS.

ahsay_mfa_13.jpg

Enable MFA for AhsayOBM / AhsayACB Users

Now, we can enable MFA to selected AhsayOBM / AhsayACB users. By default, all users are with the MFA feature disabled.

ahsay_mfa_14.jpg

ahsay_mfa_15.jpg

ahsay_mfa_16.jpg

To enable MFA for a user, click into the user account > User Profile > Security Settings tab. Then, enable the Security Settings feature.

ahsay_mfa_17.jpg

Click the Add button.

ahsay_mfa_18.jpg

Enter the user's phone number for receiving passcode thru SMS sent from Twilio.

ahsay_mfa_19.jpg

Right after enabling the feature, the status is not yet verified. Click the green Save button to save enabled MFA setting.

ahsay_mfa_20a.jpg

MFA is enabled for the selected user.

ahsay_mfa_21.jpg

The user can now open AhsayOBM / AhsayACB's software and enter Login Name and Password as usual.

ahsay_mfa_22.jpg

The user now needs to click on the phone number configured for receiving SMS passcode.

ahsay_mfa_23.jpg

Check the phone for the SMS passcode info.

ahsay_mfa_24.jpg

Enter the passcode into AhsayOBM's corresponding field.

ahsay_mfa_25.jpg

Bingo!

ahsay_mfa_26.jpg

Enable MFA for System Users

You can also enable MFA to selected system user(s) for logging into AhsayCBS web console if needed.

ahsay_mfa_27.jpg

Click into a system user.

ahsay_mfa_28.jpg

Enable the Security Settings.

ahsay_mfa_29.jpg

ahsay_mfa_30.jpg

Save the enabled Security Settings.

ahsay_mfa_31.jpg

Now whenever the system user logs in to AhsayCBS, SMS passcode is required.

ahsay_mfa_32.jpg

ahsay_mfa_33.jpg

ahsay_mfa_34.jpg

ahsay_mfa_35.jpg

Documentation

Read the corresponding section in this AhsayCBS Administrator Guide for more details of this feature.

public/mfa.txt · Last modified: 2022/11/28 10:01 by kirk.lim

Page Tools