====== [V8] Multi-Factor Authentication ====== ===== Why You Need It ===== We have received quite some cases from our partners that when their end customers' machines were being hacked, the hackers also entered their OBM / ACB client backup software and removed their backup set data from OBM/ACB > Utitilies > Delete Backup Data. Therefor, to remove such loophole and to further enhance the security for our Ahsay Backup Software , starting from version 8.3 to v8.7.x.x, Twilio has been integrated in Ahsay for providing Multi-Factor Authentication (MFA) to system and backup users. When MFA is enabled to a system or backup user account, the user is required to enter SMS passcode during each login process besides entering the Username and Password. ===== Configuration of Twilio on AhsayCBS ===== First of all, you need to create an account on Twilio's platform. After having an account, get a number from Twilio for sending out SMS message. {{public:ahsay_mfa_01.jpg}} {{public:ahsay_mfa_02.jpg}} {{public:ahsay_mfa_03.jpg}} After getting a phone number for sending SMS, go to Settings. {{public:ahsay_mfa_04.jpg}} {{public:ahsay_mfa_05.jpg}} {{public:ahsay_mfa_06.jpg}} Under API Credentials, enter the LIVE Credentials (Account SID and Auth Token) and your Twilio phone number into AhsayCBS > System Settings > Basic > Multi-Factor Authentication (MFA). {{public:ahsay_mfa_07.jpg}} {{public:ahsay_mfa_08.jpg}} Click the green Save button. {{public:ahsay_mfa_09.jpg}} Enter a phone number for receiving passcode thru SMS sent from Twilio. Then, click the Tick button. {{public:ahsay_mfa_10a.jpg}} You should be able to receive an SMS like this. {{public:ahsay_mfa_11.jpg}} Enter the passcode into the following screen, then click the Tick button. {{public:ahsay_mfa_12.jpg}} You should be able to see this message: "Test completed successfully", meaning Twilio has been configured successfully on your AhsayCBS. {{public:ahsay_mfa_13.jpg}} ===== Enable MFA for AhsayOBM / AhsayACB Users ===== Now, we can enable MFA to selected AhsayOBM / AhsayACB users. By default, all users are with the MFA feature disabled. {{public:ahsay_mfa_14.jpg}} {{public:ahsay_mfa_15.jpg}} {{public:ahsay_mfa_16.jpg}} To enable MFA for a user, click into the user account > User Profile > Security Settings tab. Then, enable the Security Settings feature. {{public:ahsay_mfa_17.jpg}} Click the Add button. {{public:ahsay_mfa_18.jpg}} Enter the user's phone number for receiving passcode thru SMS sent from Twilio. {{public:ahsay_mfa_19.jpg}} Right after enabling the feature, the status is not yet verified. Click the green Save button to save enabled MFA setting. {{public:ahsay_mfa_20a.jpg}} MFA is enabled for the selected user. {{public:ahsay_mfa_21.jpg}} The user can now open AhsayOBM / AhsayACB's software and enter Login Name and Password as usual. {{public:ahsay_mfa_22.jpg}} The user now needs to click on the phone number configured for receiving SMS passcode. {{public:ahsay_mfa_23.jpg}} Check the phone for the SMS passcode info. {{public:ahsay_mfa_24.jpg}} Enter the passcode into AhsayOBM's corresponding field. {{public:ahsay_mfa_25.jpg}} Bingo! {{public:ahsay_mfa_26.jpg}} ===== Enable MFA for System Users ===== You can also enable MFA to selected system user(s) for logging into AhsayCBS web console if needed. {{public:ahsay_mfa_27.jpg}} Click into a system user. {{public:ahsay_mfa_28.jpg}} Enable the Security Settings. {{public:ahsay_mfa_29.jpg}} {{public:ahsay_mfa_30.jpg}} Save the enabled Security Settings. {{public:ahsay_mfa_31.jpg}} Now whenever the system user logs in to AhsayCBS, SMS passcode is required. {{public:ahsay_mfa_32.jpg}} {{public:ahsay_mfa_33.jpg}} {{public:ahsay_mfa_34.jpg}} {{public:ahsay_mfa_35.jpg}} ===== Documentation ===== Read the corresponding section in this [[https://www.ahsay.com/download/download_document_v8_cbs-admin.jsp|AhsayCBS Administrator Guide]] for more details of this feature.