Set up two-factor authentication using one-time passwords in the Kuroco administration screen.
Overview
You can set up two-factor authentication using one-time passwords for Kuroco admin login. Google Authenticator is used to issue the one-time passwords.
What you'll learn
You'll learn how to set up two-factor authentication using one-time passwords by following these steps:
- Enabling the use of one-time passwords
- Registering a one-time password
- Making one-time password usage mandatory
Setting up One-Time Passwords
You can enable the use of one-time passwords in [Environment Settings] -> [Site Management]. If you set it to [Required], however, existing users without a registered one-time password will not be able to log in to the admin page until they configure one during the login process.
This tutorial first enables one-time passwords as an optional setting. After each user has registered a one-time password, it then explains how to change the setting to [Required].
Enabling the use of one-time passwords
Click [Environment] -> [Site settings].
Set the Authentication code in the Login section to [Use].
Registering a one-time password
You can register a one-time password from the member settings in the admin page. Go to your member information by clicking [Member] -> [Member] or by clicking your icon in the upper right corner of the admin page.
Click [Set up] for 2-Step Verification in the ID information tab.
The one-time password setup screen will open, so click [Register].
Open the Google Authenticator app, scan the QR code, and enter the 6-digit authentication code.
If you are not using a QR-based authenticator, click [click to view the secret key] to display the secret key instead.
Once the registration of the one-time password is complete and you return to the member information page, the setup is finished.
From the next login, after entering your ID (or email address) and password, you will need to enter a one-time password.
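How the 6-digit code follows from the secret key and the current time, as an added example that is not Kuroco's own code: it assumes the TOTP defaults Google Authenticator uses (RFC 6238 with HMAC-SHA1, a 30-second step and 6 digits), and the function names and sample secret are constructed for illustration.

```python
import base64
import hashlib
import hmac
import struct
import time

# Assumed parameters: the defaults Google Authenticator uses
# (HMAC-SHA1, 30-second time step, 6 digits). Not taken from Kuroco.
STEP_SECONDS = 30
DIGITS = 6

# Constructed sample secret (the RFC 6238 test key), never a real one.
SAMPLE_SECRET = "GEZDGNBVGY3TQOJQGEZDGNBVGY3TQOJQ"


def decode_secret(secret_b32: str) -> bytes:
    """Decode a Base32 secret key as displayed for manual entry."""
    cleaned = secret_b32.replace(" ", "").replace("-", "").upper()
    cleaned += "=" * (-len(cleaned) % 8)  # restore stripped padding
    return base64.b32decode(cleaned)


def totp(secret_b32: str, at: float) -> str:
    """Return the code for the time step containing Unix time `at`."""
    counter = max(int(at), 0) // STEP_SECONDS
    key = decode_secret(secret_b32)
    mac = hmac.new(key, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F  # dynamic truncation (RFC 4226)
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** DIGITS).zfill(DIGITS)


def verify(secret_b32: str, code: str, at: float, drift_steps: int = 1) -> bool:
    """Accept the code for the current step or +/- drift_steps neighbours."""
    if not (code.isascii() and code.isdigit() and len(code) == DIGITS):
        return False
    ok = False
    for delta in range(-drift_steps, drift_steps + 1):
        candidate = totp(secret_b32, at + delta * STEP_SECONDS)
        # Constant-time comparison, and no early exit on a match.
        ok |= hmac.compare_digest(candidate, code)
    return ok


if __name__ == "__main__":
    now = time.time()
    code = totp(SAMPLE_SECRET, now)
    print(code, verify(SAMPLE_SECRET, code, now))
```

Because the code depends only on the secret key and the clock, anyone who obtains the secret key can generate valid codes, and a device whose clock is off by more than the accepted drift will produce codes that are rejected.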
Making one-time password usage mandatory
Finally, change the one-time password setting to [Required] from [Environment Settings] -> [Site Management].
Existing users who have not registered a one-time password will be unable to log in to the admin panel until they complete one-time password registration. Upon login, they will be shown the one-time password registration screen. Additionally, new users will be shown the one-time password registration screen during their first login.
If another two-factor authentication method is also set as required, users must register one of the required methods and can choose which one to register.
That's it! You have completed setting up two-factor authentication using one-time passwords.
How to Disable One-Time Passwords
If you have lost the device on which Google Authenticator was installed and need to disable one-time passwords, you cannot do so yourself for your own account.
Please contact the site administrator and ask them to disable the one-time password from the member information in the administration panel.
Support
If you have any other questions, please contact us or check out our Slack Community.