When you are considering authentication, the admin is the first person who needs to be authenticated, because the admin handles the data of multiple users. The security of the users, as well as of the admin himself, therefore depends on the admin.
The basic traditional authentication method (username and password) does not keep up with the fast-paced vulnerabilities in the cyber world.
To protect admin systems from such vulnerabilities, miniOrange helps you set up an additional authentication method that adds an extra layer of security when logging in to your admin system.
This is done by configuring a two-factor authentication (2FA) method.
You can set 2FA methods differently for the admin and for users. Configuring 2FA for the admin gives the admin system a higher level of security. miniOrange helps you integrate 2FA into your admin system easily, with 15+ 2FA methods. You can choose any of the methods (KBA, OTP over SMS/email, Google Authenticator, YubiKey, push notifications, Out of Band, etc.) to secure your admin system. Given below is the guide to setting up two-factor authentication for the admin, with multiple demonstrations.
Once you select an option, you can customize its settings to suit your needs.
In this 2FA method, the user answers some knowledge-based security questions, and customises one question, whose answers are known only to him, to authenticate himself.
In this 2FA (two-factor authentication) method, the user receives an OTP over SMS containing a 6-8 digit numeric key. Follow the given steps to enable it in your (admin) plugin for end-user security.
In this 2FA method, the user is sent a message with an accept or deny link.
Mobile Authentication works as follows: the user scans the barcode from his mobile using the miniOrange Authenticator app to proceed.
Push Notifications work as follows: the user receives a push notification on his mobile, which he needs to ACCEPT or DENY.
A Soft Token is a two-factor authentication security component used to authorize the end user. In this method, the user needs to enter the 6-8 digit numeric key from his mobile.
In the "OTP Over Email" 2FA method, the user receives an email containing a 6-8 digit numeric key, which he needs to enter to use the services granted to him.
In the "Out of Band Email" 2FA method, the user receives an email with a link, which he needs to click to accept or deny the transaction.
In this method, the user needs to enter the 6-digit passcode generated by the Google Authenticator app.
The "YubiKey hardware token" is a 2FA verification method in which the user connects a USB device to his computer, which generates a token in the form of an alphabetic key. This process works with a combination of an OTP and hardware tokens.
In this method, the user needs to enter the 6-digit passcode generated by the Microsoft Authenticator app.
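How a server can check the 6-digit passcode in the Google Authenticator and Microsoft Authenticator methods above, as an added example that is not miniOrange code: both apps generate time-based one-time passwords (TOTP, RFC 6238). The names `hotp`, `verify_totp` and `SAMPLE_SECRET_B32` are hypothetical, and the 30-second step, one step of clock drift and per-account `last_step` replay record are assumptions of this sketch.

```python
import base64
import hashlib
import hmac
import struct
import time

# Published RFC 6238 SHA-1 test key ("12345678901234567890"), base32-encoded.
# Sample value for this example only; real secrets are random and per-user.
SAMPLE_SECRET_B32 = "GEZDGNBVGY3TQOJQGEZDGNBVGY3TQOJQ"


def hotp(secret: bytes, counter: int, digits: int = 6) -> str:
    """RFC 4226 HOTP: HMAC-SHA1 of the 8-byte counter, dynamically truncated."""
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)


def verify_totp(secret_b32, submitted, now=None, last_step=-1, step=30, drift=1):
    """Return the matched time step, or None if the passcode is rejected.

    drift     -- steps of clock skew tolerated either side of the current step
    last_step -- highest step already accepted for this account; a code from
                 that step or earlier is refused, so a code cannot be reused
    Callers must test the result with `is not None` (step 0 is falsy).
    """
    if not (submitted.isascii() and submitted.isdigit() and len(submitted) == 6):
        return None
    secret = base64.b32decode(secret_b32.upper())
    current = int(time.time() if now is None else now) // step
    matched = None
    for candidate in range(current - drift, current + drift + 1):
        if candidate < 0 or candidate <= last_step:
            continue
        # Constant-time comparison; the loop does not exit early on a match.
        if hmac.compare_digest(hotp(secret, candidate), submitted):
            matched = candidate
    return matched


if __name__ == "__main__":
    step = verify_totp(SAMPLE_SECRET_B32, "287082", now=59)
    print("accepted at step", step)
    print("replay:", verify_totp(SAMPLE_SECRET_B32, "287082", now=59, last_step=step))
```

After a successful check, store the returned step as the account's new `last_step` so the same passcode is refused if it is submitted again inside its validity window.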
In the "OTP Over SMS and Email" 2FA method, the user receives a 6-8 digit numeric OTP via both email and SMS. The user needs to enter this numeric OTP to use the services granted to him.
In the "Phone Verification" 2FA method, the user receives a call that reads out a 4-8 digit numeric key, which the user needs to enter to authenticate and use the services granted to him.