Differences

This shows you the differences between two versions of the page.

--- services:2fa [2021/03/22 19:38] – deul
+++ services:2fa [2024/04/16 10:02] (current) – venemans
@@ Line 1: / Line 1: @@
-======Two-Factor Authentication (2FA)======
+======Two-Factor Authentication (2FA) @ STRW======
 {{ services:2fa_graphic.jpg?nolink&400|}}
@@ Line 5: / Line 5: @@
   * [[:services:2fa#first_time_access|First Time Access]]
   * [[:services:2fa#setup_ssh_keys|Setup ssh keys]]
-=====Introcution======
+=====Introduction======
-  * [[:services:2fa:introduction|why, what and how]]
+  * [[:services:2fa:introduction|why, where and how]]
-======Timeline=====
+[[:services:2fa:acronyms|Note on acronyms]]
-We will not implement 2FA at the same time for all services, but will gradually enable 2FA according to [[services:2fa:timeline|this timeline]].
 ======Working with 2FA =====
@@ Line 24: / Line 23: @@
   * [[services:2fa:continued|remaining setup]]
+=====Browser Extension=====
+For several popular internet browsers (Edge, Firefox, Chrome, ...) there is a very convenient add-on/extension/plugin that can be installed on your Personal Computer to generate the 2FA passcodes. This also works for the Multi-Factor Authentication (MFA) of Leiden University uaccount services. After 2FA / MFA is activated, here are the steps to install and activate the browser extension:
+  * [[services:2fa:browserextension|Authenticator Extension]]
 =====Regular use of 2FA=====
@@ Line 80: / Line 80: @@
 =====2FA Problems======
+====New phone====
+If you obtained a new phone and would like to use it to generate the passcodes, then you can obtain a copy of your secret code by visiting our [[https://intranet.strw.leidenuniv.nl/services/?node=43|STRW Self Service page]] (note that this page is on the intranet, so you need to login).
+**If you lost your phone, you 2FA secret code has to be reset (see below)**
 ====Loss of or damaged to Smart Phone or Personal Computer====
 It might happen that you loose your smart phone or personal computer, or otherwise may be deprived of your secret key. In that case you need to perform the following actions to reset 2FA in the given order:
@@ Line 86: / Line 90: @@
   * Reset your password
   * Re-initiate the 2FA process as described above in the 'First Time Access' section
+====Error Message====
+If you see **Two-factor authentication has not been setup for your account <accountname> yet.  Please refer to
+ the computer documentation on the institute webpage for the description and setup of 2FA**, this means your secret code has not trickled down to this system yet. It may take up to 30 minutes after setting up 2FA before all Observatory systems know about your secret key. Thus be patient ant try again in 30 minutes.
 ====Code not accepted====
-Note that the passcodes have a lifespan of 30 seconds and that both the Observatory computers and your Smart Phone or personal computer need to be in time sync. You must enter the 2FA app settings and select "Time synchronisation". After this the codes should work again. You might also have been just a bit too late confirming your passcode. In that case repeat the process of creating the passcode en entering it into the prompt/web form.
+Note that the passcodes have a lifespan of 30 seconds and that both the Observatory computers and your Smart Phone or personal computer need to be in time sync. You must enter the 2FA app settings and select "**Time synchronisation**". After this the codes should work again. You might also have been just a bit too late confirming your passcode. In that case repeat the process of creating the passcode en entering it into the prompt/web form.
 In principle the system also allows passcodes that are from the previous or next timeslot. So you should have a total of 90 seconds to deliver a trusted passcode. This period is shortened if the Observatory time keeping differs slightly from your smart phone or personal computer time keeping.

Computer Documentation Wiki

User Tools

Site Tools

Differences

Page Tools