Multi-Factor Authentication

Multi-factor authentication (MFA), also known as 2-factor authentication, allows you to add an extra layer of security to your Connectware account. With MFA, you need a one-time code generated by an authentication app in addition to your main Connectware password to sign in.

If you do not have access to your authentication device, you can use backup codes to sign in or ask a Connectware admin to disable your MFA. Connectware admins can disable MFA for each user individually.

Prerequisites for Multi-Factor Authentication

Your organization has enabled multi-factor authentication for your Connectware account.

Depending on the Connectware settings of your organization, logging in via multi-factor authentication can be optional or required.

You have an authentication app that supports the time-based one-time password (TOTP) protocol. We recommend the following apps:
- Google Authenticator
- Microsoft Authenticator
- Authy
- FreeOTP

You do not need an Internet connection to use multi-factor authentication for logging in.

Setting up Multi-Factor Authentication

On the navigation panel, click Settings.
Click Enable Multi-Factor Authentication.
Open your authentication app and do one of the following:

Scan the QR code.
Enter your secret key.
The authentication app generates a one-time 6-digit code.

Enter the one-time 6-digit code in the Register Device fields and click Enable Multi-Factor Authentication. Connectware displays a list of backup codes. If you do not have access to your authentication device, you can use a backup code instead of a one-time 6-digit code. You can use each backup code only once. Alternatively, you can ask a Connectware admin to disable your MFA.
Copy and paste the backup codes to a safe location.

Signing in with Multi-Factor Authentication

On the Connectware login screen, enter your Username and Password.
Click Sign In.
Open the authentication app and select your Connectware account.
Enter the one-time 6-digit code displayed on the authentication app.

Signing in with Multi-Factor Authentication Backup Codes

If you have no access to your multi-factor authentication app, you can use backup codes instead of a one-time 6-digit code to sign in to Connectware. Backup codes are displayed when you set up multi-factor authentication.

This gives you access to Connectware in case you have misplaced your authentication device, uninstalled your authentication app or removed Connectware from your authentication app.

You can use each backup code only once.

On the Connectware login screen, enter your Username and Password.
Click Sign In.
Click Use backup code.
In the Backup Code field, enter your backup code and click Sign In.

Disabling Multi-Factor Authentication (User)

You must have access to your authentication app to disable multi-factor authentication.

If you do not have access to your authentication app, ask a Connectware admin to disable your multi-factor authentication.

On the navigation panel, click Settings.
In the Multi-Factor Authentication section, click Disable Multi-Factor Authentication.
Open the authentication app and select your Connectware account.
Enter the one-time 6-digit code displayed on the authentication app.
Click Disable Multi-Factor Authentication.

Disabling Multi-Factor Authentication (Admin)

As a Connectware admin, you can disable multi-factor authentication for each user individually.

On the navigation panel, select User Management > Users and Roles.
Click the user for which you want to disable the multi-factor authentication.
In the MFA row, click Disable.
Click Update.

Regenerate Backup Codes

You must have access to your authentication app to regenerate multi-factor authentication backup codes.

On the navigation panel, click Settings.
In the Multi-Factor Authentication section, click Regenerate Backup Codes.
Open the authentication app and select your Connectware account.
Enter the one-time 6-digit code displayed on the authentication app in the text field.
Click Regenerate Backup Codes.

Making Multi-Factor Authentication Mandatory for Individual Users (Admin)

As a Connectware admin, you can set multi-factor authentication to be the mandatory login method for individual users.

For LDAP users, you can set a flag to make multi-factor authentication the mandatory login method for all new LDAP users (see configuration page).

On the navigation panel, select User Management > Users and Roles.
Click the user for which you want to make multi-factor authentication mandatory.
In the MFA (Required) row, click Enable.
Click Update.

PreviousAdding a MQTT Publish Prefix for Users NextLong lived JSON Web Tokens

Last updated 8 months ago

Was this helpful?

Multi-Factor Authentication

Prerequisites for Multi-Factor Authentication

Your organization has enabled multi-factor authentication for your Connectware account.

Depending on the Connectware settings of your organization, logging in via multi-factor authentication can be optional or required.

You have an authentication app that supports the time-based one-time password (TOTP) protocol. We recommend the following apps:
- Google Authenticator
- Microsoft Authenticator
- Authy
- FreeOTP

You do not need an Internet connection to use multi-factor authentication for logging in.

Setting up Multi-Factor Authentication

On the navigation panel, click Settings.
Click Enable Multi-Factor Authentication.
Open your authentication app and do one of the following:

Scan the QR code.
Enter your secret key.
The authentication app generates a one-time 6-digit code.

Enter the one-time 6-digit code in the Register Device fields and click Enable Multi-Factor Authentication. Connectware displays a list of backup codes. If you do not have access to your authentication device, you can use a backup code instead of a one-time 6-digit code. You can use each backup code only once. Alternatively, you can ask a Connectware admin to disable your MFA.
Copy and paste the backup codes to a safe location.

Signing in with Multi-Factor Authentication

On the Connectware login screen, enter your Username and Password.
Click Sign In.
Open the authentication app and select your Connectware account.
Enter the one-time 6-digit code displayed on the authentication app.

Signing in with Multi-Factor Authentication Backup Codes

This gives you access to Connectware in case you have misplaced your authentication device, uninstalled your authentication app or removed Connectware from your authentication app.

You can use each backup code only once.

On the Connectware login screen, enter your Username and Password.
Click Sign In.
Click Use backup code.
In the Backup Code field, enter your backup code and click Sign In.

Disabling Multi-Factor Authentication (User)

You must have access to your authentication app to disable multi-factor authentication.

If you do not have access to your authentication app, ask a Connectware admin to disable your multi-factor authentication.

On the navigation panel, click Settings.
In the Multi-Factor Authentication section, click Disable Multi-Factor Authentication.
Open the authentication app and select your Connectware account.
Enter the one-time 6-digit code displayed on the authentication app.
Click Disable Multi-Factor Authentication.

Disabling Multi-Factor Authentication (Admin)

As a Connectware admin, you can disable multi-factor authentication for each user individually.

On the navigation panel, select User Management > Users and Roles.
Click the user for which you want to disable the multi-factor authentication.
In the MFA row, click Disable.
Click Update.

Regenerate Backup Codes

You must have access to your authentication app to regenerate multi-factor authentication backup codes.

On the navigation panel, click Settings.
In the Multi-Factor Authentication section, click Regenerate Backup Codes.
Open the authentication app and select your Connectware account.
Enter the one-time 6-digit code displayed on the authentication app in the text field.
Click Regenerate Backup Codes.

Making Multi-Factor Authentication Mandatory for Individual Users (Admin)

As a Connectware admin, you can set multi-factor authentication to be the mandatory login method for individual users.

For LDAP users, you can set a flag to make multi-factor authentication the mandatory login method for all new LDAP users (see configuration page).

On the navigation panel, select User Management > Users and Roles.
Click the user for which you want to make multi-factor authentication mandatory.
In the MFA (Required) row, click Enable.
Click Update.

PreviousAdding a MQTT Publish Prefix for Users NextLong lived JSON Web Tokens

Last updated 8 months ago

Was this helpful?