...
| Excerpt | ||
|---|---|---|
| ||
Enabling two-factor authentication with TOTP or MOTP. |
| Table of Contents | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|
|
Configuring Two-Factor Authentication
...
- For instructions on setting up your YubiKey to generate TOTP tokens visit httphttps://wwwsupport.yubico.com/totp/support/solutions/articles/15000006419-using-your-yubikey-with-authenticator-codes
- If you follow the instructions provided by yubico you will need to convert your Google secret key from base32 into hexadecimal (base16) format before adding it to Blesta. Instructions on doing that are provided in the note above.
...
If you have access to add additional Staff, you can set up Two-Factor Authentication at account creation under [Settings] > [System Settings] > Staff.
For Yubico Key App
Yubico now has an easy to use application which works with the NFC keys, we use the YubiKey 5 NFC, the Security key doesn't work with their TOTP App.
- Download their app from: https://www.yubico.com/products/yubico-authenticator/
2. Load up the application and plug in your key, then click on Add 
button at the top right.
3. Go to the "My Info" part of Blesta Administrator and select "Time-based HMAC One Time Password" under Two Factor Authorisation then hit Scan.
4. Enter your "Issuer" we recommend the url to your Blesta or something like Blesta Admin, and the "Account name" has to be your account username to the Admin panel. We recommend you require touch to unlock the passcode and also click Add to add the account to your Yubico key.
Help! I've lost the token to my Staff account. How can I disable Two-Factor Authentication?
...