You can enhance the security of your company's IoT implementation by using Two-Factor Authentication (2FA). Two-Factor Authentication is available for all accounts and is not enabled by default. The administrator of your account can enable Two-Factor Authentication for all users or individual users.
In this article:
Basics
Two-Factor Authentication is an option you can use with your IoT implementation to increase the security of some or all user accounts. When Two-Factor Authentication is enabled, a user logs in with their normal username and password and then must complete a second step to verify their identity using a mobile device. When the user accesses their mobile device and enters a code seen on their mobile device into the AerPort login page, the user is validated and can proceed with using AerPort.
AerPort supports two mobile authentication applications that provide identity verification:
- FreeOTP
- Google Authenticator
Users must install either of these two applications on their mobile device and scan or enter a barcode provided on the Mobile Authenticator Setup screen. This registers this device with the mobile authentication app and establishes a link between the device and AerPort.
Users: Set Up Two-Factor Authentication for Your Account
Users with Two-Factor Authentication enabled for their account must follow these steps to link their mobile device with their AerPort account.
- If you are a new user, you will receive an email from aerport@aeris.net with subject
line, Invitation to Aeris Account.
- Click the link to Accept invitation. This action opens a web browser tab titled Aeris AerPort, Let's get started!
- Enter your first and last name, and select and confirm your password. Then click Accept Invitation.
- If you are an existing user, open your browser and enter the following URL: https://aerport.aeris.com/.
- Enter your username and password. Then click Log In.
- Next you see the Mobile Authenticator Setup page, similar to the following.
(Items are blurred for security purposes.)
- On your mobile device, open the Apple App Store or the Google Play Store program. Then
search for and install either FreeOTP or Google Authenticator.
- If you select Google Authenticator, open the app and follow the prompts. Then select Add a code. Then select Scan a QR code or Enter a setup key. Use the information provided on the Mobile Authenticator Setup page to continue. Then Google Authenticator provides you with a 6-digit code.
- If you select FreeOTP, open the app and touch the icon that resembles a QR code. Give your mobile device permission to access the camera, then scan the QR code shown on the on the Mobile Authenticator Setup page. Follow the prompts. When done, you see the AerPort token registered on the FreeOTP main screen. Touch it to reveal a 6-digit code.
- Enter the 6-digit code into the Mobile Authenticator Setup page, then click Submit. Note that the 6-digit code changes every 30 seconds.
- AerPort validates the code. If successful, the AerPort Dashboard appears.
When you login to AerPort in the future, after entering your username and password, AerPort will simply ask for the 6-digit code. Open Google Authenticator or FreeOTP on your mobile device and find the 6-digit code.
Admin: Enable or Disable Two-Factor Authentication for One User
Account administrators can enable or disable 2FA for new or existing users.
To invite a new user, with 2FA enabled or disabled:
- In the AerPort left menu, hover over Account and click Manage Users.
- Click Invite User at the top-right corner of the screen. This opens the Invite User pop-up.
- Enter the new user's email address and check the appropriate permission(s).
- Select the toggle for Two-Factor Authentication (2FA), either on or off.
- Click Send Now.
After inviting a user, you can see the user listed under the Pending tab.
To enable or disable 2FA for an existing user:
- In the AerPort left menu, hover over Account and click Manage Users.
- While viewing the Active tab, locate the user in the list.
- Either click the pencil icon to edit the user, or click the value in the Permissions column.
- Select the toggle for Two-Factor Authentication (2FA), either on or off.
- Click Save Now.
The existing user must logout and login again to see the changes.
Admin: Enable or Disable Two-Factor Authentication for All Users
Account administrators can enable or disable 2FA for all users in one operation.
- In the AerPort left menu, hover over Account and click Manage Users.
- On the right side menu, select Update 2FA Settings.
- Select the toggle for Two-Factor Authentication (2FA), either on or off.
- Click confirm 2FA Update.
Users will see the changes with their new login to AerPort.
If 2FA was previously enabled for a user, then disabled, the re-enabled, the user will need to set up the authentication link between AerPort and their mobile device again.
Admin: Reset Two-Factor Authentication for a User
Account administrators can reset the 2FA feature for a user. This is useful in situations where the user has lost their mobile device or have deleted the authenticator app on their mobile device. To allow the user to re-link their mobile device to their AerPort account, the administrator must reset their 2FA status.
- In the AerPort left menu, hover over Account and click Manage Users.
- Locate the username from the Active tab of the Manage Users screen.
- Click the pencil icon to edit this user.
- Click Reset 2FA.
The user will be prompted to set up Two-Factor Authentication the next time they login to AerPort.
Troubleshooting Two-Factor Authentication
Invalid one-time code, timing issue
The 6-digit code found in your authentication app changes every 30 seconds. If you submit a code and it is rejected, look to see if the code changed. Refer to the timing icon in the authentication app to show you how much longer the current code is valid and then try again.
Invalid one-time code, lost connection
While attempting to login to AerPort, if your attempts to enter a 6-digit code are continually rejected, try closing your current browser tab. Then open a new tab and login to AerPort again.
0 Comments