Posts Tagged ‘2 Factor Authentication’

Recursion Violation: A 2nd 2nd Factor

Posted on: December 12th, 2017 by

A second factor protects your account, but to such extent that if you loose the one device you are normally using, you will have lost access to your account. Hence, we’re going recursive and get you a second second factor (22FA, 2FA^2).

Here’s the process;

  1. Create a first second factor and call it your Secondary.
  2. Take a picture or screenshot of the QR code, so that you can print it and store it offline, some place safe.
  3. Continue with enabling the first, but secondary, second factor and type the validation code so you know everything works.
  4. Create a new second factor, and confirm the high-security with your Secondary.
  5. Call the new factor Primary; this will be the one you keep on your phone, and use in your day-to-day.
  6. In order for this token to be scanned, you’ll have to remove the Secondary from your device.
  7. Continue with the process of getting your primary second factor on to your device.
  8. Log out.
  9. Lose your phone.

Help! Now what?

  1. Buy a new phone.
  2. Add back your secondary second factor using the piece of paper stored safely offline.
  3. Log back in using this backup TOTP-based second factor.
  4. Go to your settings and remove the primary token; you’ll need to confirm it using your secondary.
  5. Add a new factor and call it New Primary.
  6. Remove the secondary from your phone.
  7. Continue with adding back a primary token and enjoy your new token!

Simple, right? Nothing to it. Too easy.

Announcing Service Windows: Implementing 2FA

Posted on: October 11th, 2017 by

As we recently announced, we have pursued an opt-in second factor authentication feature on Kolab Now. As described, the implementation is limiting users to the web client, and this requires some reconfiguration of various servers and services.

> Continue Reading

TOTP-based Two Factor Authentication Passed QA

Posted on: October 10th, 2017 by

In a previous blog post, I have told you about our experimenting with TOTP-based two factor authentication. It proves functional in the Cockpit and in the Web Client, so we’re preparing the promotion to production.

> Continue Reading

Experimenting with TOTP Two Factor Authentication

Posted on: October 3rd, 2017 by

We’re currently experimenting with an implementation of TOTP-based 2 factor authentication, allowing our customers to use a second factor.

Until now, Kolab Now required its users to supply a username and a password. This is considered only a single factor, since the username is your email address and thus known to third parties.

> Continue Reading