LogoLogo
Release NoteMicrositeWhite PapersCloud License
Cloud User Manual
Cloud User Manual
  • What is EnGenius Cloud?
  • Getting Started
    • Signing Up
    • Logging On
    • Registering Devices to Organization
    • Assigning Devices to Network
    • Device Setup
      • QIG
      • Troubleshooting ECW AP
        • LED Status
        • Default SSIDs
        • Login to Local Access Page
      • Label information
  • Working with Organization Trees
    • Organization
    • Hierarchy View
    • Network
  • Managing Devices
    • Managing Camera
      • Recording Playback and smart Motion Search
      • Configure and Check Camera Details
        • Camera AI settings
        • Region & Cross Lines
      • Video Walls
      • AI-Powered Search
    • Managing Gateway
      • Configure and Check Gateway Details
      • VPN Status
    • Managing Access Points
      • Diag Tools
      • Configure and Check AP Details
      • AirGuard
    • Managing Switches
      • Diag Tools
      • PoE scheduling
      • Getting Switch Analytics
      • PD/Auto-Cam Lifeguard
      • VLANs
      • Mirror
      • Link Aggregation
    • Managing PDU
      • Outlet Summary
      • Outlet Scheduling
      • Outlet AutoReboot
      • Alerts
      • Diag Tool
      • LCD Panel
    • Managing Clients
      • Client Timeline
    • Device Map Location
    • Floor Plans
    • Topology
  • Configuring Networks
    • Configuring Access Points
      • Configuring SSIDs
        • 802.11 Settings
        • Configuring Security
        • SmartCasting
        • Client IP Addressing
        • Dynamic VLAN Pooling
        • Advanced Settings
        • QoS
        • Captive Portal
        • LDAP server
        • Active Directory
        • Azure AD
        • Voucher Service
        • Configuring Splash Page
        • Access control
        • Clone SSID
        • Hotspot 2.0
        • Application Control
        • Layer 3 (L3) outbound firewall
        • Examples
      • Configuring Radio
      • Configuring Cloud RADIUS
      • Configuring MyPSK
      • Configuring VLAN
    • Configuring Switch
      • System & Protocols
      • Templates
    • Configuring Gateway
      • Configuring Interface
        • WAN
        • LAN
        • Static Route
        • Policy Route
      • Configuring Site to Site VPN
      • Configuring Client VPN
        • VPN settings for IOS
        • VPN settings for Mac OS
        • VPN settings for Android
        • VPN settings for Windows 10
      • Configure ESG VPN Users
      • Configuring Firewall
    • Configuring PDU
      • Template
    • Configuring Camera
      • Quality & Retention
    • Firmware Upgrade
    • General Settings
    • Client Access Control
  • Analytics
    • Device Events
    • System Events
    • Config Logs
  • MSP Portal
    • Dashboard
    • Teams
    • Inventory & License
    • Clone Org & Networks
  • Managing Organizations
    • Managing Device Inventory and License
    • Privacy
    • Backup & Restore
      • Configuration Template
  • Managing Team Members
    • Roles and Permissions
  • Notification & Alerts
    • Notification Center
    • Configuring Alert Settings
  • Mobile App
  • Get Remote Support
  • Security
    • Two Factor Authentication
    • RadSec Certificate
  • Report
  • Appendix
    • Access Point LED Behavior
    • ESG LED Behavior
    • SSID Troubleshooting Naming Rules
    • Firewall rules
      • Global Site
      • Japan Site
  • Configuration Guide
    • SAML SSO with ADFS
Powered by GitBook
On this page
  • How to Enable TFA to protect your account
  • Recovery codes
  • How to Deactivate TFA
  • How to Access a Locked Out Account
  • Login Cloud using recovery codes
  • TFA Enforcement to your Organization

Was this helpful?

Export as PDF
  1. Security

Two Factor Authentication

Last updated 1 year ago

Was this helpful?

Two Factor Authentication, also known as 2FA or TFA, is a two-step verification process that requires more information in addition to the usual username and password. This extra piece of information is something only the user will know or have physically with them, like a token sent to a mobile app, for example. It is very important to create backup codes the moment you enable 2FA on your account in case your phone is lost and cannot access the 2FA code.

How to Enable TFA to protect your account

1.Download and install the "Google Authenticator" APP on your mobile phone. . Google Authenticator will generate OTP (One-time passcode) for your account on EnGenius Cloud by following below steps. Please be reminded that if you have multiple accounts, then you need to generate corresponding entries to each account in Google Authenticator.

2. Select Two Factor Authentication from the top-right menu.

3. Open your chosen authenticator app on your smartphone. Since the following is using Google Authenticator as an example, the steps might vary slightly. Open the Google Authenticator app on your phone, tap Menu, then tap Begin Setup > Scan barcode. If you already have other accounts, you would click the plus sign (+) on the upper right and then Scan barcode.

4. Your phone will now be in the "scanning" mode. Go ahead and scan the QR code that appeared in the popup.

5. Enter the 6-digit authentication token provided by Google Authenticator into the popup, then click Activate .

Recovery codes

It is extremely important to back up a set of Recovery codes the moment two-factor authentication is enabled. These codes will allow you to unlock your account to disable TFA if you somehow lose access to your authenticator app (if say you lost your mobile).

You can access Recovery code after you enabled 2FA. You will be given a list of 10 backup codes, copy them somewhere safe. If there's a possibility someone has gained access to your codes, generate new ones to make those compromised ones obsolete.

How to Deactivate TFA

  1. Select Two Factor Authentication from the top-right menu.

  2. Click Deactivate

How to Access a Locked Out Account

If you are locked out of your account because you changed mobiles, deleted the authenticator app by mistake or lost your phone, you can get access to your account once more with the below method.

Login Cloud using recovery codes

  1. Go to cloud.engenius.ai enter your username and password as usual, and prompted for the screen for you to enter code.

2. Now just paste one of the backup codes you previously saved and click Verify.

3. Follow the How to Deactivate 2FA and How to Enable 2FA to protect your account procedure again. Remember to click Download code to save a new set of backup codes.

TFA Enforcement to your Organization

This feature helps the Organization administrator to enforce all Cloud users to have more secure to access the organization. If you enable TFA Enforcement , your team members are required to have two-factor authentication (TFA) enabled when access this organization. If team members don't activate 2FA, they are not allowed to access this organization . You can access this feature by clicking Organization > Security .

If the user manages multiple Organizations and does not enable TFA, he is still able to log in to Cloud. However, he cannot access the Org with TFA enforcement enabled as a requirement.

Other possible issues and solutions are discussed in this .

Google 2-Step Verification Help article
https://apps.apple.com/us/app/google-authenticator/id388497605