Escan/english/escan20/twofactorauthentication

From eScan Wiki
Revision as of 09:32, 23 April 2021 by imported>TechContent
Jump to navigation Jump to search

Two-Factor Authentication

The system login password is Single-Factor Authentication which is considered unsecure as it may put your system's data at high risk of compromise. The Two-Factor Authentication, also more commonly known as 2FA, adds an extra layer of protection to your computer. The 2FA feature mandates you to enter a Time-based One-Time Password (TOTP) after entering Windows login credentials. So, even if somebody knows your login credentials, the 2FA feature secures data against unauthorized logins. You can use various options to set password for the 2FA. You can set password or you can use the eScan administrator password in case the system is offline (without internet access). To use 2FA online authentication, you need to install the Authenticator app for Android devices from Play Store or for iOS devices from App Store on your smart device. The Authenticator app needs camera access for scanning a QR code in the Authenticator app.

NOTE

Ensure that the smart device's date and time matches with the system's date and time or else TOTPs generated by app won't get validated.

Enabling 2FA login

To enable 2FA login, follow the below steps:

  1. Open eScan Protection Center,
    • From desktop, double-click the Protection center icon present in the system tray.
    • From taskbar, right-click the Protection Center icon and click Open eScan Protection Center.
  1. Click two-factor authentication.
  1. Select Enable Two-Factor uthentication. This will enable the other configuration settings.

NOTE

Unlock option will be enabled only after selecting User Logon option.
  1. You can configure it according to your requirement and click Save. The 2FA will work according to the configuration.

<a name="_Toc64042303"></a><a name="_Login_Scenarios"></a>Login Scenarios

The 2FA feature can be used for following all login scenarios:

 

RDP

RDP stands for Remote Desktop Protocol.  Whenever someone takes remote connection of a your system, the personnel will have to enter system login credentials and 2FA passcode to access the system.

 

Safe Mode

After a system is booted in Safe Mode, the personnel will have to enter system login credentials and 2FA passcode to access the system.

 

Local Logon

Whenever a system is powered on or restarted, the personnel will have to enter system login credentials and 2FA passcode to access the system.

 

Unlock

Whenever a system is unlocked, the personnel will have to enter login credentials and 2FA passcode to access the system.

<a name="_Toc64042304">Password Types</a>

You can use following password types to log in:

 

Use eScan Administrator Password

You can use the existing eScan Administrator password for 2FA login.

 

Use Other Password

You can set a new password which can be combination of uppercase, lowercase, numbers, and special characters.

 

Use Online Two-Factor Authentication

To use Online 2FA authentication, follow the steps given below:

  1. Install the Authenticator app from Play Store for Android devices or App Store for iOS devices.
  2. Open the Authenticator app and tap Scan a barcode.

<img border=0 width=356 height=224 id="Picture 6" src="TSS%20UG%20v20_reviewed_files/image107.png">

  1. Now, open eScan Protection Center on your system and click two-factor authentication.
  2. Select Enable Two-Factor Authentication

<img border=0 width=516 height=412 src="TSS%20UG%20v20_reviewed_files/image108.jpg">

  1. Configure the login scenarios according to your need and select Use Online Two-Factor Authentication
  2. On the top right corner, click QR code for TFA.

A QR code appears.

<img border=0 width=324 height=362 src="TSS%20UG%20v20_reviewed_files/image109.jpg">

 

  1. Scan the onscreen QR code via the Authenticator app.

A Time-based One-Time Password (TOTP) appears on smart device.

<img border=0 width=410 height=229 id="Picture 9" src="TSS%20UG%20v20_reviewed_files/image110.jpg">

  1. You can use this TOTP for login. This TOTP will get updated after every 30 seconds.

 

<a name="_Toc39670553"></a><a name="_Toc64042305"></a><a name="_Toc66462150">Disabling 2FA login</a>

To disable the 2FA login, follow the below steps:

  1. Open eScan Protection Center > two-factor authentication.
  2. Uncheck the Enable Two-Factor Authentication option.
  3. Click Save. The 2FA feature gets disabled.

Retrieved from "https://wiki.escanav.com/index.php?title=Escan/english/escan20/twofactorauthentication&oldid=21663"