Two-Factor Authentication (2FA)
Administrator permissions are required to access this feature.
Configure Two-Factor Authentication
- In the lower-left corner of the main screen, click the Administration cog icon.
The Administration menu appears on the left side. - Under Access Control, click Two-Factor Authentication (2FA).
The Two-Factor Authentication (2FA) page appears. - On the right side, click Edit Settings.
The Edit Two-Factor Authentication Settings dialog box appears.
Edit Two-Factor Authentication Settings
Specification | Description | Options |
---|---|---|
Two-Factor Authentication | When enabled, two-factor authentication requires users to enter a time-based one-time password (TOTP) as part of their login process. |
|
TOTP Hash Algorithm | Select the hash algorithm to use for the TOTP. LogRhythm supports Google Authenticator for SHA1 and Free OTP for SHA256 or SHA512. |
|
TOTP Token Period | The time interval that a TOTP remains valid. When the time interval expires, a new TOTP is generated by the token generator. | Enter the desired time interval in seconds. |
Reset a 2FA Device
- In the lower-left corner of the main screen, click the Administration cog icon.
The Administration menu appears on the left side. - Click the user display name for the user account with the 2FA device you want to reset.
The user account page appears. - On the upper-right side of the screen, click Actions, and then click Reset 2FA Device.
A confirmation dialog box appears requiring you to complete the action or cancel the action. To reset the 2FA device, click Reset.
The 2FA device is reset, and the user must re-enroll in 2FA during their next login.