MFA Configuration

To enable multi-factor authentication (MFA), you must set up certain configurations.

In systems that involve user authentication and data protection, encryption and salting mechanisms are critical to ensure that user authentication processes are both secure and trustworthy.

  • Secret: A secret key used for encryption.

  • Salt: A random value to enhance security.

These elements strengthen the MFA process to ensure secure and reliable user authentication.

The following parameters are available for configuring MFA in Connectware.

  • CYBUS_MFA_ENABLED: Enables the MFA feature when set to true. Disables MFA when set to false.

  • CYBUS_MFA_ENCRYPTION_SECRET: The key used for MFA encryption.

  • CYBUS_MFA_ENCRYPTION_SALT: Additional random element used in the MFA encryption process.

  • CYBUS_MFA_MAX_INVALID_OTPS_PER_USER: Optional. Specifies the maximum number of incorrect OTPs a user can input during MFA login before their account is temporarily deactivated.

  • CYBUS_MFA_BAN_DURATION_MINUTES: Optional. Defines the duration (in minutes) of temporary account deactivation after multiple failed OTP attempts during MFA login.

Keep in mind that the combination of CYBUS_MFA_ENCRYPTION_SECRET and CYBUS_MFA_ENCRYPTION_SALT ensures the cryptographic robustness of 2FA tokens, making them both safe and distinct. If these values are compromised, the system is exposed to potential unauthorized access and breaches. If you modify these values, previously generated 2FA secrets become undecipherable. As a consequence, users with 2FA enabled can no longer log in.

Example configuration:

CYBUS_MFA_ENABLED=true
CYBUS_MFA_ENCRYPTION_SECRET=18473274-5073-11ee-be56-0242ac120002
CYBUS_MFA_ENCRYPTION_SALT=229c75c2-5073-11ee-be56-0242ac120002
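A pre-deployment check for these parameters, as an added example that is not part of the Connectware documentation or Cybus code. It flags the published example values (which are version 1, time-based UUIDs), other version 1 UUIDs, and an identical secret and salt, and it generates fresh random values. The function names, the hex value format and the positive-integer rule for the optional parameters are assumptions.

```python
import secrets
import uuid

# Example values published in the documentation; public, so never deploy them.
DOC_EXAMPLES = {"18473274-5073-11ee-be56-0242ac120002",
                "229c75c2-5073-11ee-be56-0242ac120002"}
SECRET, SALT = "CYBUS_MFA_ENCRYPTION_SECRET", "CYBUS_MFA_ENCRYPTION_SALT"
OPTIONAL_INTS = ("CYBUS_MFA_MAX_INVALID_OTPS_PER_USER",
                 "CYBUS_MFA_BAN_DURATION_MINUTES")

def parse_env(text):
    """Parse KEY=VALUE lines, skipping blank lines and # comments."""
    pairs = (line.split("=", 1) for line in text.splitlines()
             if "=" in line and not line.lstrip().startswith("#"))
    return {key.strip(): value.strip() for key, value in pairs}

def is_uuid_v1(value):
    """Version 1 UUIDs encode a timestamp and node ID, so they are guessable."""
    try:
        return len(value) == 36 and uuid.UUID(value).version == 1
    except ValueError:
        return False

def check_mfa_env(text):
    """Return findings for the MFA parameters; an empty list means none."""
    env, findings = parse_env(text), []
    if env.get("CYBUS_MFA_ENABLED") not in ("true", "false"):
        findings.append("CYBUS_MFA_ENABLED should be set to true or false")
    if env.get("CYBUS_MFA_ENABLED") == "true":
        for key in (SECRET, SALT):
            value = env.get(key, "")
            if not value:
                findings.append(f"{key} is missing")
            elif value in DOC_EXAMPLES:
                findings.append(f"{key} is the published example value")
            elif is_uuid_v1(value):
                findings.append(f"{key} is a time-based UUID, not random")
        if env.get(SECRET) and env.get(SECRET) == env.get(SALT):
            findings.append("secret and salt are identical")
    for key in OPTIONAL_INTS:  # assumption: both must be positive integers
        if key in env and not (env[key].isdecimal() and int(env[key]) > 0):
            findings.append(f"{key} must be a positive integer")
    return findings

def generate_mfa_env():
    """Fresh values from the OS CSPRNG; the hex format is an assumption."""
    return (f"CYBUS_MFA_ENABLED=true\n{SECRET}={secrets.token_hex(32)}\n"
            f"{SALT}={secrets.token_hex(32)}\n")
```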


© Copyright 2024, Cybus GmbH