This feature is available only in the Enterprise FileRun version.
With 2-Step Verification, also known as “Two Factor Authentication” (or 2FA for short), you'll protect your user accounts with something they know (their passwords) and something they have (their mobile devices). With 2-Step Verification, if a bad guy gets his hands on a user's password, he'll still need the user's mobile device in order to sign into the FileRun account.
Signing in to the FileRun account will work a bit different
1. Whenever your users sign in to FileRun, they'll enter their passwords as usual.
2. Then, they'll be asked for a code that will be generated by a mobile app such as Google Authenticator. These codes can be used only once and their are valid for about 60 seconds (just enough time to allow you to type them in).
Enabling 2-step verification
The option can be turned on or off by the administrator, for each FileRun user account. It requires no effort from the admin user. Just click the “Enable 2-step verification” checkbox available when adding or editing a user account.
First sign in
When a FileRun user with 2-step verification enabled tried to sign into his account for the first time, he will be asked to scan a QR code with his mobile, using the “Google Authenticator” app.
Note: As FileRun follows the RFC6238 standard for TOTP security tokens, “Google Authenticator” is not the only app that can be used. “Authy” (https://www.authy.com) or “Tokenizator” are examples of other programs that can have been tested to work with FileRun.
Follow these steps:
- Install “Google Authenticator” using your mobile's app store.
- Open “Google Authenticator” app and tap “Begin setup”
- Tap “Scan a barcode” and point the mobile device's camera at the bar code on the computer screen.
- Click “Done” on FileRun's login page.
- Type inside the FileRun login form the verification code displayed on your mobile device.
Subsequent sign ins
After you have added your FileRun account to Google Authenticator, you will no longer be asked to scan a bar code, but only to provide the verification code.
To speed the login process up and avoid the above message, simply type in the verification in the same field as your password, separated by a forward slash character.
For example, if your password is “MyPassword” and the code is “123456”. Type inside the “Password” field “MyPassword/123456”.
If you enable the “Keep me signed in” checkbox in the login form, you will not be asked to provide a verification code again, until you click “Sign out” in FileRun.
These methods work also with the touch FileRun user interface.
Changing/loosing the mobile device
If you have a new mobile device, use the “Forgot password?” link (available on the FileRun login form) to reset your password.
This will also render useless the codes generated with “Google Authenticator” on the old mobile device.
Using WebDAV with 2-step verification
As WebDAV cannot display a separate field for the verification code, provide the verification inside the password field, separated by a forward slash character. For example, if your password is “MyPassword” and the code is “123456”. Type inside the “Password” field “MyPassword/123456”.