Using Google Authentication for the Hosting Portal
It is possible to set up the Google Authenticator app to provide your Multi-Factor Authentication for the Hosting Portal. This page explains how the app works and how to set it up for hosting.
What is Google Authenticator?
The following is taken from the Wikipedia Google Authenticator Page:
Google Authenticator is a software-based authenticator that implements two-step verification services using the Time-based One-time Password Algorithm (TOTP; specified in RFC 6238) and HMAC-based One-time Password algorithm (HOTP; specified in RFC 4226), for authenticating users of mobile applications by Google.
When logging into a site supporting Authenticator (including Google services) or using Authenticator-supporting third-party applications such as password managers or file hosting services, Authenticator generates a six- to eight-digit one-time password which users must enter in addition to their usual login details.
Previous versions of the software were open-source but subsequent releases are proprietary.
The main benefits of using Google Authenticator are:
- It uses the same secure method of creating one-time passcodes as the default two-factor process in hosting.
- It is completely free.
- Unlike the default process, there is no need to wait for an email or SMS.
The Google Authenticator app is available for Android and iOS.
Adding Google Authentication
It is possible to set up Google Authentication on your own account as well as other accounts if you have Supervisor status set in PICS /wiki/spaces/POH/pages/277348452.
Adding Google Authentication to Your Own Profile
If available, you can set Google authentication for yourself on your User Profile page. To access this page, hover over your name in the top-right corner of the Hosting Portal homepage and select My Profile.
In your profile, select Edit and tick Google Authenticate in the Two Factor Authentication Methods section. Select Save to continue.
You will then be prompted to visit the Authenticator settings page. Select OK to return to your profile.
Your profile will now display the Google Authenticate Settings button. Select this to go to the setting page.
Follow the instructions on the page and download the app.
In your Authenticator app, add an account and scan the shown QR code.
Enter the code shown into the Verification Code field in the hosting portal and select Confirm. You will receive a notification indicating whether adding the authentication was successful or not.
Adding Google Authentication to Other Profiles
This options requires Pellcomp or Supervisor permissions.
In the Manage Users section, edit a user. As above, the Google Authenticate option will show if it is available. Tick the box to add the option. The next time the user logs in, they will be prompted to set it up using the method explained above.
Removing Google Authentication
This can again be done in the the User Profile or the Manage Users section. To do this, untick the Google Authenticate option or select Remove Authenticator option in the Authenticator Settings page.
Logging in with Google Authenticator
Logging In to the Hosting Portal is the same with Google Authenticator, except when you are asked to select a two factor method, you will be able to select Google Authenticate.
If you are a Pellcomp user and the Authenticator has been added for you, but you have not set it up yet, the option to verify by Email will be available as well, even if that has not been added as a method for you. This means that you can login and set up the Authenticator. If you are not a Pellcomp user, and only Google Authenticate has been added for you, you will instead be directed to and limited to the Profile section of the hosting site. A notification instructing you to set up Google Authentication will be shown.
Please note that failing to enter a correct code several times will incur a lockout and you will be unable to access your account until the lockout has passed.
