User Tools

Site Tools


institute_lorentz:2fa-smartphone

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision
Previous revision
institute_lorentz:2fa-smartphone [2021/03/17 08:05] – [Preliminary Actions] lenocilinstitute_lorentz:2fa-smartphone [2021/05/20 07:00] (current) – [Preliminary Actions] lenocil
Line 12: Line 12:
 |[[https://play.google.com/store/apps/details?id=org.fedorahosted.freeotp&hl=nl&gl=US|{{:services:android.png?nolink&150|}}]]|[[https://apps.apple.com/nl/app/freeotp-authenticator/id872559395#?platform=iphone|{{:services:apple.png?nolink&150|}}]]|[[https://f-droid.org/en/packages/org.fedorahosted.freeotp/|{{:services:2fa:get-it-on.png?nolink&150|}}]] | |[[https://play.google.com/store/apps/details?id=org.fedorahosted.freeotp&hl=nl&gl=US|{{:services:android.png?nolink&150|}}]]|[[https://apps.apple.com/nl/app/freeotp-authenticator/id872559395#?platform=iphone|{{:services:apple.png?nolink&150|}}]]|[[https://f-droid.org/en/packages/org.fedorahosted.freeotp/|{{:services:2fa:get-it-on.png?nolink&150|}}]] |
  
-Other mobile apps known to work with our system are //google authenticator// and //andOTP//. However, any app implementing the open TOTP standar will do.+Other mobile apps known to work with our system are //google authenticator// and //andOTP//. However, any app implementing the open TOTP standard will do.
  
-Leiden University suggests the use of the [[https://www.netiq.com/documentation/advanced-authentication-63/smartphone-applications/data/bookinfo.html|NetIQ Advanced Authentication App]] for 2FA. Should you want to install this proprietary software, you should know that  +|:!: Leiden University suggests the use of the [[https://www.netiq.com/documentation/advanced-authentication-63/smartphone-applications/data/bookinfo.html|NetIQ Advanced Authentication App]] for 2FA. Should you want to install this proprietary software, you should know that  the [[https://www.netiq.com/documentation/advanced-authentication-62/server-user-guide/data/totp.html|QR codes generated by this app differ]] from those generated by Free TOTP apps and can lead to 2FA problems if you scan a NetIQ-generated QR code with a Free app.|
-the [[https://www.netiq.com/documentation/advanced-authentication-62/server-user-guide/data/totp.html|QR codes generated by this app differ]] from those generated by free TOTP apps and can lead to authentication problems.+
 ===== Setup ===== ===== Setup =====
  
 ==== Step 1 ==== ==== Step 1 ====
-Navigate to any of the Lorentz Institute SSO web applications, such [[https://www.lorentz.leidenuniv.nl/www/people/login|Account Services]], [[https://remote.lorentz.leidenuniv.nl|Remote Workspace]], etc.+Navigate to any of the Lorentz Institute SSO web applications, for instance our [[https://remote.lorentz.leidenuniv.nl|Remote Workspace]].
  
 You will be redirected automatically to the Lorentz Institute Identity Provider login page as in **Figure 1**. You will be redirected automatically to the Lorentz Institute Identity Provider login page as in **Figure 1**.
Line 39: Line 38:
 If Step 3 succeeds (errors might occur if there is too much lag time, i.e. the OTP expired), the system will send you an email to your private (not @lorentz) e-mail address with [[institute_lorentz:verify_identity|precise instructions]] on how to verify your identity. If your identity  cannot be validated, you will not be granted access to the system. If Step 3 succeeds (errors might occur if there is too much lag time, i.e. the OTP expired), the system will send you an email to your private (not @lorentz) e-mail address with [[institute_lorentz:verify_identity|precise instructions]] on how to verify your identity. If your identity  cannot be validated, you will not be granted access to the system.
  
-<figure>{{:institute_lorentz:idp4_email1.png?direct&344|}}{{:institute_lorentz:idp4_email3_mod.png?direct&400|}}{{:institute_lorentz:idp4_email4.png?direct&400|}}<caption>Screenshot of e-mail verification process.</caption></figure>+<figure>{{:institute_lorentz:idp4_email1.png?direct&344|}}<caption>Verrify your private email address.</caption></figure>
  
 ==== Step 5 ==== ==== Step 5 ====
 +Verify your identity by visiting your private email inbox. You should have received an email from the Lorentz Institute Identity Provider ((Details of this email are not disclosed here to prevent phishing.)). Open that email and __copy__ (for instance using on most platforms Control-C or right-mouse click copy) the secret code in the body of the message. Visit https://www.lorentz.leidenuniv.nl/idp/ and __paste__ (on most platforms Control-P or right-mouse click paste) the secret code in the white text area.  Click on `Submit'. Your identity is now verified.
 +
 +<figure>{{:institute_lorentz:idp4_email2.png?direct&400|}}{{:institute_lorentz:idp4_email3_mod.png?direct&380|}}{{:institute_lorentz:idp4_email4.png?direct&380|}}<caption>Screenshot of e-mail verification process.</caption></figure>
 +
 +==== Step 6 ====
  
 Click on //Back to application// to redirect your browser to the Lorentz Institute SSO web application from which you started the whole process or close the browser. Your setup is complete.  Click on //Back to application// to redirect your browser to the Lorentz Institute SSO web application from which you started the whole process or close the browser. Your setup is complete. 
institute_lorentz/2fa-smartphone.1615968347.txt.gz · Last modified: 2021/03/17 08:05 by lenocil