Purpose
This document describe how to set up Two-factor authentication using either Mobile Security Code or Google Authenticator.
Introduction
Two-factor authentication can be enabled and the mode of authentication is selected from Account Settings.
Either Mobile Security Code or Google Authenticator can be used for authentication.
The means used for authentication can be limited, depending on the options configured for two-factor authentication under Security Policy tab.
Set Up Two-Factor Authentication
To access the Account Settings module:
-
Go to Main Menu > Settings > Account.
-
Select the Account tab.
For 2-Factor Authentication choose between the following in the drop-down menu:
|
Option |
Description |
|---|---|
|
None |
No authentication other than specifying USER-ID and Password is needed. |
|
Mobile Security Code |
OUTSCAN, and HIAB via OUTSCAN, support Two Factor Authentication via SMS tokens. Upon login a six-digit security code will be sent to a specified mobile number of your choice, which can be used for additional authentication when logging in. SMS delivery issues with certain network providers In some cases, text messages may not be delivered if the sender name is shown as letters instead of a phone number (known as an alphanumerical sender). This is a known issue with all providers in USA and Brazil, and it can also occur in other countries. In the US, many mobile carriers block these messages entirely. If you experience issues receiving SMS codes, we recommend using mobile or desktop authenticator app as a more reliable alternative.
|
|
Google Authenticator |
A mobile application that produces a random six-digit number which can be used for additional authentication when logging in. |
To set up Mobile Security Code:
-
Select Mobile Security Code in the 2-Factor Authentication drop-down menu.
-
Test the connection by clicking on the Send Test SMS button.
To set up Google Authenticator:
-
Select Google Authenticator in the 2-Factor Authentication drop-down menu.
-
Click the Generate Credential ID button.
An ID is generated together with a QR-code.
Hovering the mouse over the Credential ID displays the QR-code.
-
When Google Authentication is selected, enter the credential ID which is used to set up the account.
Method Enforcing
To enforce the two-factor authentication:
-
Go to Main Menu > Settings > Account
-
Select the Security Policy tab.
-
The Method Enforcing area determines the type of method used for authentication.
In the drop-down menu select which authentication method to enforce.
For 2-Factor Authentication, the available options are:
|
Option |
Description |
|---|---|
|
None |
2-factor authentication is not enforced; however, each user can still use a 2-Factor authentication on his/her account. |
|
Any |
This option enforces users to choose between the two authentication methods mentioned above. |
|
Mobile Security Code |
When this option is selected, a Mobile Security code is enforced as default on all users. |
|
Google Authenticator |
When this option is selected, Google Authenticator is enforced as default on all users. |
Related Articles
- Windows 10/Windows 2019 Server
- HIAB Updates
- General Information about SMB/WinRM Scanning
- Change Risk Levels
- Removing an Agent from Windows
- ServiceNow - Legacy
- Windows 8.1
- Netsec Filters
- Discovering the Agent in OUTSCAN
- Technical Specification
- Account Settings
- How to Test SMB Authentication
- Windows 2016 Server
- Identity Provider Settings
- HIAB Server Settings
- Installing a Linux Agent
- Okta Identity Provider Configuration
- Scanning-Less Scanning
- Check Connectivity to Agent Server
- Scan Scheduling Errors
- Overview
- Event Notification Module
- HIAB Maintenance Settings
- HIAB Deployment Guide
- Database Connector (HIAB only)
- Azure AD Identity Provider Configuration
- Add Comments
- Target Groups
- Checking if Agent is Running
- Core Installation
- Windows 2008 R2 Server
- Agent Installation Introduction
- Automatic Asset Joining With Netsec
- Manage Users
- Firewall Setup for Agents
- Scanning Range
- SNMP (HIAB only)
- ADFS Identity Provider Configuration
- Splunk
- Agent Call Home
- Advanced Report Filters
- Accept Risks
- SMB Authentication from OUTSCAN/HIAB
- Virtual HIAB Appliance
- Using the Agent Info Command
- Amazon
- User Roles
- Removing an Agent from Linux
- Retrieving the Agent UUID
- Atlassian Jira
- Understanding Scanner and Scheduler
- Finding the Agent Version
- Create and Edit Event Notifications
- Installing a macOS Agent
- Syslog (HIAB only)
- Setting Up an Agent Using System Proxy
- ServiceNow - App
- Thycotic
- DNS Lookup in UI and in Console
- HIAB Console
- Auditing Guide
- Adding Agent Attributes
- HIAB Distribution Settings
- Run Verification Scans
- Agent Latest Version
- Finding New Agents In OUTSCAN
- Setting up a HIAB as an Appsec Scale Scanner
- Hardening the HIAB
- Performing a PCI DSS Scan
- Two Factor Authentication
- Attributes
- Firewall Rules
- HIAB Enrollment
- Supported Platforms for Authenticated SSH Scanning
- Authenticated Scanning Using WinRM
- OneLogin Identity Provider Configuration
- Windows 7
- HIAB Remote Support
- Compliance Scanning
- Manage Targets
- Assign Tasks
- Authenticated Scanning Using SSH
- Tickets Quick Start Guide
- Retrieving Results From the Agent in OUTSCAN
- Appliance Logs
- Converting Normal with Webapp Scans (Netsec) to Portal Workflows
- Updating the Agent
- Troubleshooting SMB Authentication
- Agent Licensing
- Mark as False Positives
- Installing a Windows Agent
- Using Farsight in Netsec
- Testing Target System for Open TCP Ports
- HIAB Restore
- Scan Stages
- Request Clarifications
- HIAB Setup Guide
- Updating Agent Attributes
- CyberArk
- LDAP/AD
- Checking if the Agent has Produced Results
- ArcSight (HIAB only)
- HIAB E-mail Whitelisting
- Adjust Identity Provider SAML Metadata File
- Scanning Critical Industrial Devices/Machines
- Reporting Tools
- Scan Scheduling
- Scanning Performance and Impact Tuning
- PCI Compliance Scanning
- Configuring and Accessing the HIAB console using SSH
- User Groups
- Create Users
- HIAB Remote SSH Guide
- Download Agents
- Create Targets
- Windows 2012 R2 Server
- HIAB Backup
- Report Scheduling
- Access Tokens
- O24AUTH
- Complementary Authenticated Scan on Default Credentials
- Authenticated Scanning Using SMB
- Dynamic Target Group