User Tools

Site Tools

You are here: Ahsay Wiki » Welcome to AhsayWiki » [V8] Multi-Factor Authentication
public:mfa

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Next revision 		Previous revision
public:mfa [2019/10/23 18:01]
ronnie.chan created 		public:mfa [2022/11/28 10:01] (current)
kirk.lim Last modified: 2020/09/22 15:18 by ronnie.chan
Line 1: Line 1:
-====== Multi-Factor Authentication ====== +====== ​[V8] Multi-Factor Authentication ======
-To further enhance the security for Ahsay Backup Software, starting from version 8.3, Twilio has been integrated in Ahsay for providing Multi-Factor Authentication (MFA) to system and backup users. When MFA is enabled to a system or backup user account, the user is required to enter SMS passcode during each login process besides entering the Username and Password. ​+
  
-===== Configuration =====+===== Why You Need It ===== 
 + 
 +We have received quite some cases from our partners that when their end customers'​ machines were being hacked, the hackers also entered their OBM / ACB client backup software and removed their backup set data from OBM/ACB > Utitilies > Delete Backup Data.  
 + 
 +Therefor, to remove such loophole and to further enhance the security for our Ahsay Backup Software , starting from version 8.3 to v8.7.x.x, Twilio has been integrated in Ahsay for providing Multi-Factor Authentication (MFA) to system and backup users. When MFA is enabled to a system or backup user account, the user is required to enter SMS passcode during each login process besides entering the Username and Password.  
 + 
 +===== Configuration ​of Twilio on AhsayCBS ​===== 
 + 
 +First of all, you need to create an account on Twilio'​s platform. After having an account, get a number from Twilio for sending out SMS message.
  
 {{public:​ahsay_mfa_01.jpg}} {{public:​ahsay_mfa_01.jpg}}
Line 9: Line 16:
  
 {{public:​ahsay_mfa_03.jpg}} {{public:​ahsay_mfa_03.jpg}}
 +
 +After getting a phone number for sending SMS, go to Settings.
  
 {{public:​ahsay_mfa_04.jpg}} {{public:​ahsay_mfa_04.jpg}}
Line 15: Line 24:
  
 {{public:​ahsay_mfa_06.jpg}} {{public:​ahsay_mfa_06.jpg}}
 +
 +Under API Credentials,​ enter the LIVE Credentials (Account SID and Auth Token) and your Twilio phone number into AhsayCBS > System Settings > Basic > Multi-Factor Authentication (MFA). ​
  
 {{public:​ahsay_mfa_07.jpg}} {{public:​ahsay_mfa_07.jpg}}
  
 {{public:​ahsay_mfa_08.jpg}} {{public:​ahsay_mfa_08.jpg}}
 +
 +Click the green Save button.
  
 {{public:​ahsay_mfa_09.jpg}} {{public:​ahsay_mfa_09.jpg}}
  
-{{public:ahsay_mfa_10.jpg}}+Enter a phone number for receiving passcode thru SMS sent from Twilio. Then, click the Tick button. 
 + 
 +{{public:ahsay_mfa_10a.jpg}} 
 + 
 +You should be able to receive an SMS like this. 
  
 {{public:​ahsay_mfa_11.jpg}} {{public:​ahsay_mfa_11.jpg}}
 +
 +Enter the passcode into the following screen, then click the Tick button.
  
 {{public:​ahsay_mfa_12.jpg}} {{public:​ahsay_mfa_12.jpg}}
 +
 +You should be able to see this message: "Test completed successfully",​ meaning Twilio has been configured successfully on your AhsayCBS.
  
 {{public:​ahsay_mfa_13.jpg}} {{public:​ahsay_mfa_13.jpg}}
 +
 +
 +===== Enable MFA for AhsayOBM / AhsayACB Users =====
 +
 +Now, we can enable MFA to selected AhsayOBM / AhsayACB users. By default, all users are with the MFA feature disabled.
  
 {{public:​ahsay_mfa_14.jpg}} {{public:​ahsay_mfa_14.jpg}}
Line 35: Line 61:
  
 {{public:​ahsay_mfa_16.jpg}} {{public:​ahsay_mfa_16.jpg}}
 +
 +To enable MFA for a user, click into the user account > User Profile > Security Settings tab. Then, enable the Security Settings feature.
  
 {{public:​ahsay_mfa_17.jpg}} {{public:​ahsay_mfa_17.jpg}}
 +
 +Click the Add button.
  
 {{public:​ahsay_mfa_18.jpg}} {{public:​ahsay_mfa_18.jpg}}
 +
 +Enter the user's phone number for receiving passcode thru SMS sent from Twilio.
  
 {{public:​ahsay_mfa_19.jpg}} {{public:​ahsay_mfa_19.jpg}}
  
-{{public:ahsay_mfa_20.jpg}}+Right after enabling the feature, the status is not yet verified. Click the green Save button to save enabled MFA setting. 
 + 
 +{{public:ahsay_mfa_20a.jpg}} 
 + 
 +MFA is enabled for the selected user.
  
 {{public:​ahsay_mfa_21.jpg}} {{public:​ahsay_mfa_21.jpg}}
 +
 +The user can now open AhsayOBM / AhsayACB'​s software and enter Login Name and Password as usual.
  
 {{public:​ahsay_mfa_22.jpg}} {{public:​ahsay_mfa_22.jpg}}
 +
 +The user now needs to click on the phone number configured for receiving SMS passcode.
  
 {{public:​ahsay_mfa_23.jpg}} {{public:​ahsay_mfa_23.jpg}}
 +
 +Check the phone for the SMS passcode info.
  
 {{public:​ahsay_mfa_24.jpg}} {{public:​ahsay_mfa_24.jpg}}
 +
 +Enter the passcode into AhsayOBM'​s corresponding field.
  
 {{public:​ahsay_mfa_25.jpg}} {{public:​ahsay_mfa_25.jpg}}
 +
 +Bingo! ​
  
 {{public:​ahsay_mfa_26.jpg}} {{public:​ahsay_mfa_26.jpg}}
 +
 +
 +===== Enable MFA for System Users =====
 +
 +You can also enable MFA to selected system user(s) for logging into AhsayCBS web console if needed.
  
 {{public:​ahsay_mfa_27.jpg}} {{public:​ahsay_mfa_27.jpg}}
 +
 +Click into a system user.
  
 {{public:​ahsay_mfa_28.jpg}} {{public:​ahsay_mfa_28.jpg}}
 +
 +Enable the Security Settings.
  
 {{public:​ahsay_mfa_29.jpg}} {{public:​ahsay_mfa_29.jpg}}
  
 {{public:​ahsay_mfa_30.jpg}} {{public:​ahsay_mfa_30.jpg}}
 +
 +Save the enabled Security Settings.
  
 {{public:​ahsay_mfa_31.jpg}} {{public:​ahsay_mfa_31.jpg}}
 +
 +Now whenever the system user logs in to AhsayCBS, SMS passcode is required.
  
 {{public:​ahsay_mfa_32.jpg}} {{public:​ahsay_mfa_32.jpg}}
Line 73: Line 132:
  
 {{public:​ahsay_mfa_35.jpg}} {{public:​ahsay_mfa_35.jpg}}
 +
 +===== Documentation =====
 +
 +Read the corresponding section in this [[https://​www.ahsay.com/​download/​download_document_v8_cbs-admin.jsp|AhsayCBS Administrator Guide]] for more details of this feature.
public/mfa.1571824896.txt.gz · Last modified: 2019/10/23 18:01 by ronnie.chan

Page Tools