Two-Factor Authentication (2FA) for Reseller Account Access

What is 2FA?

Two-factor authentication is an additional level of security when accessing an account. In addition to entering a password, the user will provide an additional means of identification from a separate category of credentials: either a time-based token obtained through an app, or one obtained via SMS.

You may have both types of 2FA enabled at once.  The most recently-enabled type will be default unless you change it following the instructions in the FAQ below.

Important: If you previously shared a single login among several users, and you would like to enable 2FA, you will need to create a separate user for each individual who needs to log in - time-based tokens cannot be shared by multiple people.

How do I enable 2FA using app-based authentication for a user account?

1. Log into the Reseller Control Panel and go to Settings, then choose Account Profile
.

2. There will be a new area: “2-Factor Authentication”
.

3. To enable 2FA, click Edit
.

How do I enable 2FA using app-based authentication for a user account?

4. Choose Enable Authenticator App. To proceed with editing, you will need to provide your reseller account password again
.

 

5.  To set up 2-Factor Authentication using an authenticator app on your smartphone, you will be presented with a key and a QR code (the QR code expresses the same key). Scan the QR code using the authenticator app on your phone (for example, here are instructions on how to install Google Authenticator), or enter the key manually in your app
.

6. Once completed, the app will return a code to you
. Enter this code in the box and click on Enable
.

 

7. You will receive 10 recovery codes that you can use in case you are unable to access your authenticator app
.  Please print these and keep them protected.

8. 2FA is now enabled as the default option, and a newly-generated six-digit token from your authenticator app will be requested upon your next login.

How do I enable 2FA using SMS-based authentication for a user account?

1. Log into the Reseller Control Panel and go to Settings, then choose Account Profile
.

2. There will be a new area: “2-Factor Authentication”
.

3. To enable 2FA, click Edit
.

 

How do I enable 2FA using SMS-based authentication for a user account?

4. Choose Enable SMS. To proceed with editing, you will need to provide your reseller account password again
. Input your mobile phone number and click Next.

5. You will receive an SMS with a token on your phone. Insert that code in Step 2 and click Enable.

6. You will receive 10 recovery codes that you can use in case you are unable to access your SMS
.  Please print these and keep them protected.

7. 2FA is now enabled as the default option. Every time you log in, after inputting your username and password you will receive an SMS with a token. You will use this token to complete your login.

How will 2FA work when logging into OpenSRS?

  1. Enter your username and password and submit.

  2. If 2FA is enabled for your account, you will then be prompted to enter a token.

  3. If SMS-based authentication is your default 2FA option, you will receive a login token via SMS.

  4. If Authenticator App is your default 2FA option, you will need to open the app on your phone and locate the token for OpenSRS in the app.

  5. Enter the token into the prompt box.

  6. OpenSRS will validate the token and grant access to the Resellers Control Panel
.

If 2FA is enabled for a user, the token will be required when the user logs in to the Resellers Control Panel AND the Reseller Web Interface (RWI).

FAQ

How can I log in if I don’t have my phone?

Log in using the emergency tokens you were provided when you enabled 2FA.  Using one of these tokens will disable 2FA, so you will need to re-enable it using your selected process above.

How can I disable 2FA for my account?

  1. Log into the Reseller Control Panel and go to Settings, then choose Account Profile
.
  2. Under 2-Factor Authentication, click Edit.
  3. Select Disable.

or

Use one of the emergency tokens to log into your account.

How can I change the default login method?

  1. Log into the Reseller Control Panel and go to Settings, then choose Account Profile
.
  2. Under 2-Factor Authentication, click Edit.
  3. Select Change default login method and select your choice.

How can I see which users in my reseller account have 2FA enabled?

Log into the Reseller Control Panel and go to Settings Account Settings - Manager Users


If I use Authenticator App for app-based 2FA, are my user credentials, or any other private information, shared with the App provider (e.g., Google)?

No, the app just takes the seed key we provide to you to generate a time-based token. It does not send any information to the provider, and does not require a live internet connection to generate a token, since it is completely based on the key and the initial token you entered during setup.

How can I retrieve my emergency tokens if I didn’t print them initially?

If you still have access to your account, you can regenerate recovery tokens under Account Profile > 2FA > Regenerate Recovery Tokens.  It is important to note that each time you generate new tokens, the previous set is invalidated.

Was this article helpful? 0 out of 0 found this helpful
Have more questions? Submit a request