Articles with the tag:
Close
Changelog
Close
Try in the cloud
Try in the cloud
Help Center
General

Using two-factor authentication

Introduction

Wish to protect the data stored on your portal and prevent any unauthorized access? Then make use of an extra security level enabling two-factor authentication. In this case if someone decides to hack into your ONLYOFFICE account even having your password he will need your phone to access it. This guide will explain how it works and how to enable this option.

For the SaaS version, the SMS provider used on your portal is selected depending on the portal region: smsc is used for CIS, Clickatell and Twilio are used for all other regions. You can add available SMS providers in the Settings -> Integration -> Third-Party Services section.

If you are using the server version, you first need to connect at least one SMS provider in the Settings -> Integration -> Third-Party Services section so that you can enable the Two-factor authentication option.

It's also possible to enable two-step verification with authenticator apps.

To enable two-factor authentication you must be the portal owner or full access administrator.

Connect an SMS provider to your portal

To connect an SMS provider,

  1. Enter your portal.
  2. Click the Settings Icon icon at the top of the page or open the Choose drop-down list next to your portal logo and choose the Apps option.
  3. Go to the Integration section and open the Third-Party Services page.
    How to use two-factor authentication on portals? How to use two-factor authentication on portals?
  4. In the list of third-party services, click the switcher next to Clickatell, smsc, or Twilio to open the window that contains integration settings for this service.
  5. Now you need to specify the keys used to integrate the selected service with your portal. To obtain these keys follow the corresponding instructions:
    You can add more than one SMS provider. The SMS provider used on your portal is selected depending on the portal region: smsc is used for CIS, Clickatell and Twilio are used for all other regions.
  6. Once you paste the necessary keys to the corresponding fields, click the Enable button to save the settings.
How to use two-factor authentication on portals? How to use two-factor authentication on portals?

When the SMS provider is added, you can proceed to the next step.

SMS messages can be sent if you have a positive balance only. You can always check your current balance in your SMS provider account. Do not forget to replenish your balance in good time.

Enable two-factor authentication

To set up two-factor authentication,

  1. In the portal settings, go to the Security section and open the Portal access page.
  2. Go to the Two-factor authentication section and
    • click the By SMS radiobutton to use the SMS verification, or
    • click the By authenticator app radiobutton to use an authenticator app.
  3. For specifying detailed settings, you can use advanced settings. Click Show Advanced Settings and set the necessary options:
    • in the Mandatory Two-factor authentication section, you can add users or groups for which two-factor verification will be performed even if the user comes from a trusted IP. For other users who are not included into the Trusted Networks list, two-factor verification is performed as usual.
    • in the Trusted Networks section, you can add trusted IP addresses for which two-factor verification will not be performed. Specify separate IP addresses in the IPv4 format (#.#.#.#, where # is a numeric value from 0 to 255), or set an IP addresses range by entering the starting and ending IP addresses of the range in the #.#.#.#-#.#.#.# format, or use CIDR masking in the #.#.#.#/# format.
  4. Click the Save button below the Two-factor authentication section.
How to use two-factor authentication on portals? How to use two-factor authentication on portals?

That's all. Two-factor authentication is enabled.

Access your online office account using SMS verification

When two-factor authentication with SMS is enabled, the sign-in to the online office account process will work a little bit differently and include two steps:

  • Step 1 - Enter your credentials: email and password as usual.
  • Step 2 - Enter a six-digit verification code received via SMS.
The sent code is valid for 10 minutes. To resend a verification code, use the Send code again button, but no more often than 5 times per 5 minutes.

When you access your online office account for the first time after enabling two-factor authentication, you will need to perform one more step: Specify the phone number you wish the SMS to be sent at. If necessary, you will be able to change it later at any moment on your profile page.

How to use two-factor authentication on portals? How to use two-factor authentication on portals?

To make the sign-in process more simple, your online office offers the possibility to remember that a particular browser was already successfully used for two-factor authentication. So when you access your account for the second time using the same browser, it will ask you for your email and password only. But if you or someone else try to access your account from any other computer or browser, the verification code will be required. So your account will still be protected. The verification code will be also required when two-factor authentication cookie has expired or if you decide to delete cookies from your browser.

Access your online office account using an authenticator app

When two-factor authentication with an authenticator app is enabled, the sign-in to the online office account process will work a little bit differently and include two steps:

  • Step 1 - Enter your credentials: email and password as usual.
  • Step 2 - Enter a six-digit verification code or a backup code generated by the authenticator app.

To access the portal for the first time after enabling two-factor authentication:

  1. Enter your regular credentials to access the portal. The QR code and your secret key are displayed at your portal login confirmation page.
    How to use two-factor authentication on portals? How to use two-factor authentication on portals?
  2. Install an authenticator app on your mobile device. You can use Google Authenticator for Android and iOS or Authenticator for Windows Phone.
  3. Open the authenticator app on your mobile device and configure it in one of the following ways:
    • Scan the QR code displayed in the browser, or
    • Manually enter your secret key displayed in the browser,
  4. At your portal login confirmation page, enter a 6-digit code generated by your application,
  5. Click the Connect app button.

Then you will be redirected to your profile page where the backup codes will be displayed in a new window. You can use the backup codes when you don't have access to your mobile device. Print the backup codes clicking the corresponding button and use them when necessary. To get new codes you can use the Request new button. Only codes which was generated last are valid. It's also possible to connect a new authenticator app using the corresponding link at your profile page.

When you access your account for the next time, you will be asked for your email and password as well as for a verification code. You can use either a code generated by the application or a backup code.

Try now for free Try and make your decision No need to install anything
to see all the features in action
You Might Also Like This:
Close