Multi-Factor Authentication

Version 5.1.0+

Yarkon supports Multi-factor authentication (MFA) using any Time-based One-time Password (TOTP) compatible app such as Google Authenticator, Authy or Duo. You can use it to add another layer of security to your account, by allowing end user to opt in and use it to enhance the security of their login process.

Server Side

Use the MFA tab to turn the feature on:

Multi-factor authentication set up

Client Side

Once the MFA feature is enabled at the account level, end users can optionally enable MFA protected logins for their own respective user accounts.

Users can access the MFA option from the Settings form, under the security tab. After going through a password verification, the user would be presented with a Q-code (see image below), to be scanned by a mobile device equipped by any TOTP compatible app, like Google Authenticator etc. To complete the set up, the user must successfully enter a code generated by the mobile app.

Multi-factor authentication set up - settings
Multi-factor authentication set up - verify password
Multi-factor authentication set up - scan barcode
Multi-factor authentication set up - code

In their next login, after the standard username-password prompt, the user would be subsequently asked to enter the code generated by their mobile app to be able to login into the system.

Multi-factor authentication login - password
Multi-factor authentication login - code