As your iXpole environment and its database contains confidential information, securing your system is a high priority. One way of securing your system is to incorporate a two-factor authentication (2FA) process in order to log in to iXpole's Back office, where as the first factor is a standard, personal password and the second factor a so-called one-time password (OTP), generated by an OTP-generator.
This article explains the concepts of iXpole's 2-factor authentication (2FA) and one-time passwords (OTPs).
Let's get you started!
In this article we'll handle following topics:
- Two-factor authentication or 2FA
- One-time passwords (OTPs) and OTP-generators
- 2FA-use at iXpole
1. Two-factor authentication or 2FA
Two-factor authentication or 2FA is an electronic authentication method in which a user is granted access to a website or application only after successfully presenting two or more pieces of evidence (or factors) to an authentication mechanism: knowledge (something only the user knows, such as his or her personal password) and possession (something only the user has, such as his or her mobile phone on which the OTP-generator is installed). 2FA protects user data - which may include personal identification or financial assets - from being accessed by an unauthorized third party that may have been able to discover, for example, a personal password.
2. One-time passwords (OTPs) and OTP-generators
An OTP-generator is a third-party authenticator (TPA) which enables 2FA, usually by showing a randomly generated and frequently changing (six digit) pin code to use for authentication: the so-called one-time password (OTP), also known as a one-time PIN, one-time authentication code (OTAC) or dynamic password. This is a password that is valid for only one login session on a computer system or another digital device. OTPs avoid several shortcomings that are associated with traditional (static) password-based authentication. iXpole incorporates 2FA by ensuring that the OTP requires access to something a person has (a specific mobile phone on which the OTP-generator is installed) as well as something a person knows (his or her personal password).
3. 2FA-use at iXpole
At iXpole we use 2FA in order to log in to the environment, so you require a personal password and a pin code generated by an OTP-generator. At iXpole we use the Google Authenticator as TPA. You can find this application in the Google Play Store or simply by clicking this link. If you want to read more about how to log in to your iXpole environment using 2FA, read this article.