June 30, 2020 Tim Daly

Two Factor Authentication

USING TWO FACTOR AUTHENTICATION (2FA)

Critical Care Sonography uses two-factor authentication when you log in.

This adds an extra layer of security to the website to protect both it and your login details. You still use your username and password, but there is an extra step after this.

You are required to enter an authentication code using Google Authenticator. Google Authenticator is a software-based Google product that implements two-step verification by generating a one-time authentication code.

To be able to use it, you need to install the Google Authenticator app on your phone. You can get the app here:

iPhone users:

https://apps.apple.com/au/app/google-authenticator/id388497605

Android users:

https://play.google.com/store/apps/details?id=com.google.android.apps.authenticator2

You can also use any of the other TOTP-based authenticator apps listed here.

If your phone cannot read barcodes through the camera, you will also need to install a barcode scanner app.

Once the app is installed, to set up two factor authentication, do the following:

How to enable 2FA

1. Go to the Login Security page.
2. Open your authenticator app and add a new entry; most apps have a plus sign or a tiny QR code.
3. Scan the QR code on the Login Security page; your authenticator app should then display a six-digit code.
4. If you are accessing the site on your phone or tablet and obviously can’t point the camera at its own screen, you can copy the line of letters and numbers below the QR code, and paste that in the app, using the app’s “manual” setup option.
5. In the Download recovery codes section, click the Download button. Recovery codes can be used if you lose your device. Print or save the file and store it in a safe place.
6. In the box below where the recovery codes appear, enter the six-digit code that appears in your authenticator app. This code changes every 30 seconds. If the code expires, you can enter the next code instead.
7. Click or tap the Activate button.

That’s it! You’re all done!

If this is your first time setting up 2FA on a site you may want to try logging in to the site in a different browser or in a private or incognito browser window to check for any compatibility issues before logging out.

How to log in with two-factor authentication

1. Log in to the site in the usual way.
2. Enter your username and password and click the Log In button, as usual.
3. When the 2FA Code prompt appears, enter the code from your authenticator app.
4. If you use 2FA for multiple sites, be sure to pick the correct site in the app.
5. Click the Log In button.

That’s it!

How to do the two steps in one

If you have incompatible plugins or themes and can’t see the 2FA Code prompt, or if you prefer a slightly quicker method, you can also enter a 2FA code directly after your password, in the same field:

1. Enter your username and password, but do not click the Log In button yet.
2. Immediately after your password, enter the code from your authenticator app. Example: For the password mypass and code 233455, enter mypass233455.
3. Click the Log In button.

How to use recovery codes

The recovery codes that you saved or printed during setup can be used if you ever lose your authenticator device or if you remove the app or its saved codes by mistake. Make sure you store these codes in a safe place.

Because they don’t expire, recovery codes are longer than normal codes — 16 letters and numbers instead of only 6 numbers — but each code can only be used once. An example recovery code looks like this: 5199 5c24 77dc 0ed7.

The login process is the same as using a code from an authenticator app:

1. Enter your username and password and click the Log In button, as usual.
2. When the 2FA Code prompt appears, enter a recovery code. Remember, recovery codes are longer than regular 2FA codes.
3. In this example, we would enter: 5199 5c24 77dc 0ed7.
4. Click the Log In button.

Each recovery code can only be used once. You can generate new recovery codes on the Login Security page of your site. This is useful if you have used most of your codes, or if you lose the codes you previously saved or printed. Generating new codes will invalidate the previous codes.