Two-factor authentication (2FA)

Users can now use 2FA with Google Authenticator (or another Time-Based, One-Time Password aka TOTP-compliant authenticator) to add two-step verification when signing in to GpsGate Server for added security.

Installation steps

Deploy 2FA on the server (Site Admin user)

To use 2FA on your GpsGate Server, you need to enable the two-factor authentication toggle in Site Admin > Security > Authentication as shown below.

2fa-enable-server.png

The 2FA issuer name will be used with your authenticator app.

Enable the Two-factor Authentication Manager (Site Admin user)

To manage 2FA users in an application, go to the privileges and features of the application, navigate to Admin > _Use2FAManager, and enable it.

Enabling this option will enable the Two-factor Authentication Manager inside the application for administrator users.

Administration of 2FA users (administrator)

As an administrator, you can check which users have 2FA enabled and remove the 2FA requirement for users (for example, if they have lost their credentials).

  1. Log in to your Vehicle Tracker application.
  2. Select Admin / Two-factor Authentication Manager to see the list of users with 2FA enabled
    2fa-admin.png
  3. To remove 2FA for a user, click on the "Trash" icon.

Enable 2FA for your account (end user)

  1. Log in to your Vehicle Tracker application
  2. Click on Settings in the drop-down menu under your username, select Two-factor authentication
    2fa-toggle.png
  3. Toggle the switch Enable 2FA to On, and enter your password to continue
  4. Follow the instructions in the 2FA setup screens
    - Scan QR code with Google Authenticator (or another authenticator app)
    - Enter 6 digit verification code and click Complete
    2fa-qr.png

2FA is now enabled on your account and will be active the next time you log in. Save the backup codes so that you can recover your account if you lose your authenticator device.

Note: When you enable 2FA, it will be used in every application the user belongs to.

Login using 2FA (end user)

With 2FA enabled, you will be asked to verify your identity with your authenticator app. You will be presented with the following screen:
2fa-login.png

Enter the 6 digit 2FA challenge from your authenticator app to login.

Note: Checking the option "Remember this device for 30 days" will pause verification for a month.

Disable 2FA for your account (end user)

  1. Login to your Vehicle Tracker application.
  2. Click on "Settings" in the drop-down menu under your username and select "Two-factor authentication"
  3. Toggle the switch Enable 2FA to Off, and enter your password to validate it is you

2FA is now disabled for your account. You can re-enable it by toggling the Enable 2FA switch again.