Both sides previous revisionPrevious revisionNext revision | Previous revision |
services:2fa:computer [2021/03/04 11:48] – deul | services:2fa:computer [2022/11/07 13:15] (current) – venemans |
---|
====With a Personal Computer==== | ====With a Personal Computer==== |
If you don not have a Smart Phone, or if you do not want to use a Smart Phone, you can use alternative programs to provide the passcode needed for 2FA. A few of these programs are: | If you don not have a Smart Phone, or if you do not want to use a Smart Phone, you can use alternative programs to provide the passcode needed for 2FA. A few of these programs are: |
* KeepassXC ({{https://keepassxc.org}} GUI) or, | * KeepassXC ([[https://keepassxc.org]] GUI) or, |
* oathtool ({{https://www.nongnu.org/oath-toolkit/}} GNU/Linux cmd line) or, | * oathtool ([[https://www.nongnu.org/oath-toolkit/]] GNU/Linux cmd line) or, |
* OTP Manager ({{https://apps.apple.com/us/app/otp-manager/id928941247}} MacOS) | * OTP Manager ([[https://apps.apple.com/us/app/otp-manager/id928941247]] MacOS) |
or any softwares that implement OTP standards. | * [[https://www.microsoft.com/en-us/p/winotp-authenticator/9nf2rgqkx1mv?activetab=pivot:overviewtab|WinOTP]] or [[https://www.microsoft.com/en-us/p/otp-manager/9nblggh6hngn?activetab=pivot:overviewtab|OTP manager]] for Windows |
| * Chrome extension [[https://chrome.google.com/webstore/detail/authenticator/bhghoamapcdpbohphigoooaddinpkbai|authenticator]] |
| or any softwares that implements OTP standards. |
| |
{{:services:idp.png?400 |}}So after installing on or more of the above programs you can proceed to go to a web page that helps you setup 2FA. This page is located in our [[https://local.strw.leidenuniv.nl/services/?node=316|Self Service area]]. When you access that page you are redirected to the new Observatory Identity Provider and presented with a login window. | <figure>{{:services:idp.png?400 |}}<caption>2FA Login screen (Click image to enlarge).</caption></figure> |
\\ | |
\\ | |
\\ | |
\\ | |
\\ | |
\\ | |
\\ | |
\\ | |
\\ | |
\\ | |
\\ | |
\\ | |
\\ | \\ |
| So after installing one or more of the above programs you can proceed to go to a web page that helps you setup 2FA. For example, you can go to the [[https://vdesk.strw.leidenuniv.nl|Sterrewacht virtual desktop]]. When you access that page you are redirected to the new Observatory Identity Provider and presented with a login window. |
| |
| |
| <figure>{{:services:idp2.png?400 |}}<caption>2FA setup secret key form QR code version (Click image to enlarge).</caption></figure> |
\\ | \\ |
| After entering your account credentials you are present a QR code on the next page. Your computer programs are not equipped to scan QR codes, so you need to 'see' the secret key. For this you click the link ''%%Unable to scan?%%'' |
\\ | \\ |
| |
{{:services:idp2.png?400 |}}After typing in your account credentials you are present a QR code on the next page. Your computer programs are not equipped to scan QR codes, so you need to 'see' the secret key. For this you click the link ''%%Unable to scan?%%'' | <figure>{{:services:idp6.png?400 |}} <caption>2FA setup secret key form clear text version (Click image to enlarge).</caption></figure> |
\\ | \\ |
\\ | After clicking the link you will be presented a window that shows you the secret key in clear text. Copy this key and save it in a place where your program can use it. Then run this program to obtain a passcode (a six digit number). Transfer this passcode to the form. Note that the passcodes have a lifespan of 30 seconds, so you might need to regenerate a new passcode if the 30 sec. timeslot has passed. |
\\ | |
\\ | |
\\ | |
\\ | |
\\ | |
\\ | |
\\ | |
\\ | |
\\ | |
\\ | |
\\ | |
\\ | |
\\ | |
\\ | |
\\ | |
\\ | |
\\ | |
\\ | |
{{:services:idp6.png?nolink&400 |}} After clicking the link you will be presented a window that shows you in clear text the secret key. Copy this key and save it in a place where your program can use it. Then run this program to obtain a passcode. Transfer this passcode to the form. Note that the passcodes have a lifespan of 30 seconds, so you might need to regegerate a new passcode if the 30 sec. timeslot has passed. | |
| |
| |
\\ | |
\\ | |
\\ | |
\\ | |
\\ | |
\\ | |
\\ | |
\\ | |
\\ | |
\\ | |
\\ | |
\\ | |
\\ | |
\\ | |
\\ | \\ |
| |