2-Factor Authentication

Activate 2-factor authentification

1. Open the configuration file.

nano /opt/enginsight/enterprise/conf/services/config.json

2. Set twoFactor to true.

    "twoFactor": {
      "enabled": true
    }

3. Save the configuration file (Ctrl+o) and confirm the saving process. Close nano (Ctrl+x).

4. Navigate to /opt/enginsight/enterprise

cd /opt/enginsight/enterprise

1. Run setup.sh to make the changes apply.

sudo ./setup.sh

1. If you only want to secure important functions with 2-factor authentication, you are done now. If you want to ask for the second factor when logging in, enable this in the settings directly in the Enginsight platform: Settings → Organisation → Advanced settings → Two-factor authentication for all team members.

2. You can learn how to use an Authenticator app here.

Increase in verification time

If you need more time to enter the code during 2-factor login, you can increase the time window for valid tokens in the config.json configuration file.

1. Open the configuration file

2. Add value

   Add the authenticatorWindow parameter under onpremise.twoFactor.

   authenticatorWindow determines how long a code will remain valid. A 2FA code (TOTP) is normally valid for 30 seconds. This results in: 30 seconds × authenticatorWindow = period during which the code will remain valid

3. Save changes Save the configuration file (Ctrl+o) and confirm the save process. Close nano (Ctrl+x).

4. Navigate to /opt/enginsight/enterprise

5. Run setup.sh for the changes to take effect.

Example 2 minutes

Example 3 minutes