2. Two-factor authentication#
2FA is an authentication method that requires the user to present at least two types of evidence. 2FA increases the protection for user data, because users need to provide two pieces: knowledge, such as a password, and something in the users’ possession, such as the OTP. It also increases the security of the system by avoiding account locking on known accounts, because of malicious attacks.
In Nubus, 2FA grants users access to a service after they sign in with a password and an OTP which are two types of evidence. Third party password generators randomly generate an OTP, such as FreeOTP or Google Authenticator.
In Nubus, the 2FA Helpdesk application provides two capabilities:
The self-service capability that enables end users to reset their own 2FA configuration.
The administration helpdesk that enables functional administrators to reset the 2FA configuration for any user in the domain.
If you are a user that wants to know how to reset your 2FA configuration, you need to know your password for the reset and refer to 2FA Self-Service.
If you’re a functional administrator, and you want to manage the 2FA configuration of users in your domain, refer to 2FA Administrator Helpdesk.
See also
- Wikipedia: Multi-factor authentication
for more information about multi-factor authentication.