Two-factor authentication (2FA)
Users can now use 2FA with Google Authenticator (or another Time-Based, One-Time Password aka TOTP-compliant authenticator) to add two-step verification when signing in to GpsGate Server for added security.
- Deploy 2FA on the server (Site Admin user)
- Enable the Two-factor Authentication Manager (Site Admin user)
- Administration of 2FA users (administrator)
- Enable 2FA for your account (end user)
- Log in using 2FA (end user)
- Disable 2FA for your account (end user)
Deploy 2FA on the server (Site Admin user)
An administrator user can update this setting from within any application.
1. From the main menu, choose Server Administration -> Server -> Settings
2. Go to the Security tab. Click the lock and enter your password to make changes.
3. Enable 2FA and enter the issuer.
The 2FA issuer name will be used with your authenticator app.
Enable the Two-factor Authentication Manager (Site Admin user)
To manage 2FA users in an application, go to Site Admin. Go to the privileges and features of the application, navigate to Admin > _Use2FAManager, and enable it.
Enabling this option will enable the Two-factor Authentication Manager inside the application for administrator users.
Administration of 2FA users (administrator)
As an administrator, you can check which users have 2FA enabled and remove the 2FA requirement for users (for example, if they have lost their credentials).
- Log in to your Vehicle Tracker application.
- Select Admin / Two-factor Authentication Manager to see the list of users with 2FA enabled
- To remove 2FA for a user, click on the "Trash" icon.
Enable 2FA for your account (end user)
- Log in to your Vehicle Tracker application (with the end user account).
- Click on Settings in the drop-down menu under your username, select Two-factor authentication.
- Toggle the switch Enable 2FA to On, and enter your password to continue
- Follow the instructions in the 2FA setup screens
- Scan QR code with Google Authenticator (or another authenticator app)
- Enter 6 digit verification code and click Complete.
2FA is now enabled on your account and will be active the next time you log in. Save the backup codes so that you can recover your account if you lose your authenticator device.
Note: When you enable 2FA, it will be used in every application the user belongs to.
Login using 2FA (end user)
With 2FA enabled, you will be asked to verify your identity with your authenticator app. You will be presented with the following screen:
Enter the 6 digit 2FA challenge from your authenticator app to login.
Note: Checking the option "Remember this device for 30 days" will pause verification for a month.
Disable 2FA for your account (end user)
- Login to your Vehicle Tracker application.
- Click on "Settings" in the drop-down menu under your username and select "Two-factor authentication"
- Toggle the switch Enable 2FA to Off, and enter your password to validate it is you
2FA is now disabled for your account. You can re-enable it by toggling the Enable 2FA switch again.