2.2.2 Setting one-time code
System administrators can use the one-time code setting to enable multi-factor authentication for any users. The one-time code setting uses one of the following one-time code generation applications. Users should install the applications on their mobile devices in advance.
- FreeOTP
- Microsoft Authenticator
- Google Authenticator
The procedures for enabling authentication using a one-time code are shown below.
[Procedure for newly created users]
1. The system administrator creates a user by selecting the "OTP Configured" check box on the Add User window.
2. The user clicks the URL in the password setup e-mail sent to the e-mail address set in Step 1.
3. When the login window appears, the user clicks [Click here to continue].
4. When the mobile authenticator's setup window appears, the user uses his/her mobile device to read the barcode (QR code) to generate a one-time code. The user can also generate a one-time code by clicking [Can't scan?] and entering the key displayed on the key display window into the application.
The user enters the generated one-time code and click the [Submit] button.
The user enters the generated one-time code and click the [Submit] button.
5. When the password setting window appears, the user sets a password.
[Procedure for existing users]
1. The system administrator turns on the "OTP Configured" check box for a user on the Edit User window.
2. The target user logs in to Ops I.
3. The user performs Step 4 of [Procedure for newly created users].
Notes
The set one-time code is required when logging in to Ops I. When logging in with an external IdP, even users who have set a one-time code will not be taken to the window for entering the one-time code.
[If a user changed their mobile devices after enabling authentication using a one-time code]
1. The user requests the system administrator to reconfigure the one-time code setting.
2. The system administrator turns off and on again the "OTP Configured" check box for the user on the Edit User window.
3. The system administrator and user perform Steps 1 to 3 of [Procedure for existing users].
For details on the one-time code setting by the system administrator, see "(Table) Items displayed in the user profile" and "(Table) Items displayed in the user profile area in the “Edit user” window" in "Users".