Two-factor authentication (2FA)

Users can now use 2FA with Google Authenticator (or another Time-Based, One-Time Password aka TOTP-compliant authenticator) to add two-step verification when signing in to GpsGate Server for added security.

Deploy 2FA at the server level

An administrator user can update this setting from within any application.

1. From the main menu, choose Site Admin → Account Settings -> Account Security

Screenshot 2024-07-18 at 13.07.40.png

2. Click Allowed to make changes, and enter your password to make modifications.

3. Enable 2FA and enter the issuer.

The 2FA issuer name will be used with your authenticator app.

Screenshot 2024-07-18 at 13.09.20.png

Enable the Two-factor Authentication per application

Each application could have 2FA enabled or not. To enable it, follow these steps:

  • Go to Site Admin → privileges and plugins of the application → _Use2FAManager, and enable it.
  • Save your application.

Enable 2FA for your account (end-user)

  1. Log in to your Vehicle Tracker application (with the end user account).
  2. Click on User Settings in the menu under your username.
  3. Screenshot 2024-07-18 at 13.10.38.png
  4. Select Two-factor authentication.
    Screenshot 2024-07-18 at 13.12.21.png
  5. Toggle the switch Enable 2FA to On, and enter your password to continue
  6. Add your password:

Screenshot 2024-07-18 at 13.12.32.png

7. Follow the instructions in the 2FA setup screens
- Scan QR code with Google Authenticator (or another authenticator app)
- Enter 6 digit verification code and click Complete.
2fa-qr.png

2FA is now enabled on your account and will be active the next time you log in. Save the backup codes so that you can recover your account if you lose your authenticator device.

Note: When you enable 2FA, it will be used in every application the user belongs to.

Login using 2FA (end-user)

With 2FA enabled, you will be asked to verify your identity with your authenticator app. You will be presented with the following screen:
2fa-login.png

Enter the 6-digit 2FA challenge from your authenticator app to log in.

Note: Checking the option "Remember this device for 30 days" will pause verification for a month.

Disable 2FA for the user

  1. Login to your Vehicle Tracker application.
  2. Click on "Settings" in the menu under your username and select "Two-factor authentication"
  3. Toggle the switch Enable 2FA to Off, and enter your password to validate it is you

2FA is now disabled for your account. You can re-enable it by toggling the Enable 2FA switch again.

Administration of 2FA users inside the application

As an administrator, you can check which users have 2FA enabled and remove the 2FA requirement for users (for example, if they have lost their credentials).

1. Select Admin Two-factor Authentication Manager to see the list of users with 2FA enabled

Screenshot 2024-07-18 at 13.15.32.png
Screenshot 2024-07-18 at 13.16.42.png

  • To remove 2FA for a user, click on the remove icon.