This shows you the differences between two versions of the page.
Next revision | Previous revision | ||
public:mfa [2019/10/23 18:01] ronnie.chan created |
public:mfa [2022/11/28 10:01] (current) kirk.lim Last modified: 2020/09/22 15:18 by ronnie.chan |
||
---|---|---|---|
Line 1: | Line 1: | ||
- | ====== Multi-Factor Authentication ====== | + | ====== [V8] Multi-Factor Authentication ====== |
- | To further enhance the security for Ahsay Backup Software, starting from version 8.3, Twilio has been integrated in Ahsay for providing Multi-Factor Authentication (MFA) to system and backup users. When MFA is enabled to a system or backup user account, the user is required to enter SMS passcode during each login process besides entering the Username and Password. | + | |
- | ===== Configuration ===== | + | ===== Why You Need It ===== |
+ | |||
+ | We have received quite some cases from our partners that when their end customers' machines were being hacked, the hackers also entered their OBM / ACB client backup software and removed their backup set data from OBM/ACB > Utitilies > Delete Backup Data. | ||
+ | |||
+ | Therefor, to remove such loophole and to further enhance the security for our Ahsay Backup Software , starting from version 8.3 to v8.7.x.x, Twilio has been integrated in Ahsay for providing Multi-Factor Authentication (MFA) to system and backup users. When MFA is enabled to a system or backup user account, the user is required to enter SMS passcode during each login process besides entering the Username and Password. | ||
+ | |||
+ | ===== Configuration of Twilio on AhsayCBS ===== | ||
+ | |||
+ | First of all, you need to create an account on Twilio's platform. After having an account, get a number from Twilio for sending out SMS message. | ||
{{public:ahsay_mfa_01.jpg}} | {{public:ahsay_mfa_01.jpg}} | ||
Line 9: | Line 16: | ||
{{public:ahsay_mfa_03.jpg}} | {{public:ahsay_mfa_03.jpg}} | ||
+ | |||
+ | After getting a phone number for sending SMS, go to Settings. | ||
{{public:ahsay_mfa_04.jpg}} | {{public:ahsay_mfa_04.jpg}} | ||
Line 15: | Line 24: | ||
{{public:ahsay_mfa_06.jpg}} | {{public:ahsay_mfa_06.jpg}} | ||
+ | |||
+ | Under API Credentials, enter the LIVE Credentials (Account SID and Auth Token) and your Twilio phone number into AhsayCBS > System Settings > Basic > Multi-Factor Authentication (MFA). | ||
{{public:ahsay_mfa_07.jpg}} | {{public:ahsay_mfa_07.jpg}} | ||
{{public:ahsay_mfa_08.jpg}} | {{public:ahsay_mfa_08.jpg}} | ||
+ | |||
+ | Click the green Save button. | ||
{{public:ahsay_mfa_09.jpg}} | {{public:ahsay_mfa_09.jpg}} | ||
- | {{public:ahsay_mfa_10.jpg}} | + | Enter a phone number for receiving passcode thru SMS sent from Twilio. Then, click the Tick button. |
+ | |||
+ | {{public:ahsay_mfa_10a.jpg}} | ||
+ | |||
+ | You should be able to receive an SMS like this. | ||
{{public:ahsay_mfa_11.jpg}} | {{public:ahsay_mfa_11.jpg}} | ||
+ | |||
+ | Enter the passcode into the following screen, then click the Tick button. | ||
{{public:ahsay_mfa_12.jpg}} | {{public:ahsay_mfa_12.jpg}} | ||
+ | |||
+ | You should be able to see this message: "Test completed successfully", meaning Twilio has been configured successfully on your AhsayCBS. | ||
{{public:ahsay_mfa_13.jpg}} | {{public:ahsay_mfa_13.jpg}} | ||
+ | |||
+ | |||
+ | ===== Enable MFA for AhsayOBM / AhsayACB Users ===== | ||
+ | |||
+ | Now, we can enable MFA to selected AhsayOBM / AhsayACB users. By default, all users are with the MFA feature disabled. | ||
{{public:ahsay_mfa_14.jpg}} | {{public:ahsay_mfa_14.jpg}} | ||
Line 35: | Line 61: | ||
{{public:ahsay_mfa_16.jpg}} | {{public:ahsay_mfa_16.jpg}} | ||
+ | |||
+ | To enable MFA for a user, click into the user account > User Profile > Security Settings tab. Then, enable the Security Settings feature. | ||
{{public:ahsay_mfa_17.jpg}} | {{public:ahsay_mfa_17.jpg}} | ||
+ | |||
+ | Click the Add button. | ||
{{public:ahsay_mfa_18.jpg}} | {{public:ahsay_mfa_18.jpg}} | ||
+ | |||
+ | Enter the user's phone number for receiving passcode thru SMS sent from Twilio. | ||
{{public:ahsay_mfa_19.jpg}} | {{public:ahsay_mfa_19.jpg}} | ||
- | {{public:ahsay_mfa_20.jpg}} | + | Right after enabling the feature, the status is not yet verified. Click the green Save button to save enabled MFA setting. |
+ | |||
+ | {{public:ahsay_mfa_20a.jpg}} | ||
+ | |||
+ | MFA is enabled for the selected user. | ||
{{public:ahsay_mfa_21.jpg}} | {{public:ahsay_mfa_21.jpg}} | ||
+ | |||
+ | The user can now open AhsayOBM / AhsayACB's software and enter Login Name and Password as usual. | ||
{{public:ahsay_mfa_22.jpg}} | {{public:ahsay_mfa_22.jpg}} | ||
+ | |||
+ | The user now needs to click on the phone number configured for receiving SMS passcode. | ||
{{public:ahsay_mfa_23.jpg}} | {{public:ahsay_mfa_23.jpg}} | ||
+ | |||
+ | Check the phone for the SMS passcode info. | ||
{{public:ahsay_mfa_24.jpg}} | {{public:ahsay_mfa_24.jpg}} | ||
+ | |||
+ | Enter the passcode into AhsayOBM's corresponding field. | ||
{{public:ahsay_mfa_25.jpg}} | {{public:ahsay_mfa_25.jpg}} | ||
+ | |||
+ | Bingo! | ||
{{public:ahsay_mfa_26.jpg}} | {{public:ahsay_mfa_26.jpg}} | ||
+ | |||
+ | |||
+ | ===== Enable MFA for System Users ===== | ||
+ | |||
+ | You can also enable MFA to selected system user(s) for logging into AhsayCBS web console if needed. | ||
{{public:ahsay_mfa_27.jpg}} | {{public:ahsay_mfa_27.jpg}} | ||
+ | |||
+ | Click into a system user. | ||
{{public:ahsay_mfa_28.jpg}} | {{public:ahsay_mfa_28.jpg}} | ||
+ | |||
+ | Enable the Security Settings. | ||
{{public:ahsay_mfa_29.jpg}} | {{public:ahsay_mfa_29.jpg}} | ||
{{public:ahsay_mfa_30.jpg}} | {{public:ahsay_mfa_30.jpg}} | ||
+ | |||
+ | Save the enabled Security Settings. | ||
{{public:ahsay_mfa_31.jpg}} | {{public:ahsay_mfa_31.jpg}} | ||
+ | |||
+ | Now whenever the system user logs in to AhsayCBS, SMS passcode is required. | ||
{{public:ahsay_mfa_32.jpg}} | {{public:ahsay_mfa_32.jpg}} | ||
Line 73: | Line 132: | ||
{{public:ahsay_mfa_35.jpg}} | {{public:ahsay_mfa_35.jpg}} | ||
+ | |||
+ | ===== Documentation ===== | ||
+ | |||
+ | Read the corresponding section in this [[https://www.ahsay.com/download/download_document_v8_cbs-admin.jsp|AhsayCBS Administrator Guide]] for more details of this feature. |