This shows you the differences between two versions of the page.
Both sides previous revision Previous revision Next revision | Previous revision | ||
public:mfa [2019/10/24 09:44] ronnie.chan |
public:mfa [2022/11/28 10:01] (current) kirk.lim Last modified: 2020/09/22 15:18 by ronnie.chan |
||
---|---|---|---|
Line 1: | Line 1: | ||
- | ====== Multi-Factor Authentication ====== | + | ====== [V8] Multi-Factor Authentication ====== |
- | To further enhance the security for Ahsay Backup Software, starting from version 8.3, Twilio has been integrated in Ahsay for providing Multi-Factor Authentication (MFA) to system and backup users. When MFA is enabled to a system or backup user account, the user is required to enter SMS passcode during each login process besides entering the Username and Password. | + | |
+ | ===== Why You Need It ===== | ||
+ | |||
+ | We have received quite some cases from our partners that when their end customers' machines were being hacked, the hackers also entered their OBM / ACB client backup software and removed their backup set data from OBM/ACB > Utitilies > Delete Backup Data. | ||
+ | |||
+ | Therefor, to remove such loophole and to further enhance the security for our Ahsay Backup Software , starting from version 8.3 to v8.7.x.x, Twilio has been integrated in Ahsay for providing Multi-Factor Authentication (MFA) to system and backup users. When MFA is enabled to a system or backup user account, the user is required to enter SMS passcode during each login process besides entering the Username and Password. | ||
===== Configuration of Twilio on AhsayCBS ===== | ===== Configuration of Twilio on AhsayCBS ===== | ||
- | First of all, you need to create an account on Twilio's platform. After having an account, get a number from Trilio for sending out SMS message. | + | First of all, you need to create an account on Twilio's platform. After having an account, get a number from Twilio for sending out SMS message. |
{{public:ahsay_mfa_01.jpg}} | {{public:ahsay_mfa_01.jpg}} | ||
Line 32: | Line 37: | ||
Enter a phone number for receiving passcode thru SMS sent from Twilio. Then, click the Tick button. | Enter a phone number for receiving passcode thru SMS sent from Twilio. Then, click the Tick button. | ||
- | {{public:ahsay_mfa_10.jpg}} | + | {{public:ahsay_mfa_10a.jpg}} |
You should be able to receive an SMS like this. | You should be able to receive an SMS like this. | ||
Line 71: | Line 76: | ||
Right after enabling the feature, the status is not yet verified. Click the green Save button to save enabled MFA setting. | Right after enabling the feature, the status is not yet verified. Click the green Save button to save enabled MFA setting. | ||
- | {{public:ahsay_mfa_20.jpg}} | + | {{public:ahsay_mfa_20a.jpg}} |
MFA is enabled for the selected user. | MFA is enabled for the selected user. | ||
Line 97: | Line 102: | ||
{{public:ahsay_mfa_26.jpg}} | {{public:ahsay_mfa_26.jpg}} | ||
- | You can also enable MFA to select system user(s) for logging in AhsayCBS web console if needed. | + | |
+ | ===== Enable MFA for System Users ===== | ||
+ | |||
+ | You can also enable MFA to selected system user(s) for logging into AhsayCBS web console if needed. | ||
{{public:ahsay_mfa_27.jpg}} | {{public:ahsay_mfa_27.jpg}} | ||
+ | |||
+ | Click into a system user. | ||
{{public:ahsay_mfa_28.jpg}} | {{public:ahsay_mfa_28.jpg}} | ||
+ | |||
+ | Enable the Security Settings. | ||
{{public:ahsay_mfa_29.jpg}} | {{public:ahsay_mfa_29.jpg}} | ||
{{public:ahsay_mfa_30.jpg}} | {{public:ahsay_mfa_30.jpg}} | ||
+ | |||
+ | Save the enabled Security Settings. | ||
{{public:ahsay_mfa_31.jpg}} | {{public:ahsay_mfa_31.jpg}} | ||
+ | |||
+ | Now whenever the system user logs in to AhsayCBS, SMS passcode is required. | ||
{{public:ahsay_mfa_32.jpg}} | {{public:ahsay_mfa_32.jpg}} |