User Tools

Site Tools


institute_lorentz:2fa-pc

This is an old revision of the document!


First-time 2FA Setup via a Personal Computer

Preliminary Actions

You need to install a program on your personal computer which will

  • store the secret key that the IL authentication system will share with you
  • calculate TOTP passcodes using the secret key as a seed

We advise Free Softwares such as KeePassXC (multiplatform with GUI) or the OATH Toolkit (GNU/Linux terminal), but you are free to choose any programs that implement the open OTP standards.

Setup

Step 1

Navigate to any of the Lorentz Institute SSO web applications, such Account Services, Remote Workspace, etc.

You will be redirected automatically to the Lorentz Institute Identity Provider login page as in Figure 1.

Figure 1: Identity Provider login page

Step 2

Enter your IL credentials to sign in. Upon successful login, you will be redirected to a page containing a QR code. Click on “Unable to Scan?” to display your shared secret key and the other parameters to input in your OTP program (Figure 2).

Note the secret key, the algorithm, the number of digits, and the time interval. You will need them in Step 3.

Figure 2: TOTP Setup Page (QR code and other sensitive information deliberately blurred)

Step 3

Open KeePassXC (installed on all IL workstations), create a new passwords database if you do not want to use an existing one and click on Entries → TOTP → Set Up TOTP. Insert your private key, algorithm, time interval and number of digits from Step 2 and confirm by clicking on `OK'.

Figure 3: TOTP Setup with KeePassXC
institute_lorentz/2fa-pc.1615797902.txt.gz · Last modified: 2021/03/15 08:45 by lenocil