Difference between revisions of "X-Payments:Setting up user authentication with the Google Authenticator app"

From X-Payments Help
Jump to: navigation, search
(Created page with "X-Payments can be set up to use an authentication method based on using the Google Authenticator application which you install on your phone. The application is connected to y...")
 
m
Line 14: Line 14:
 
:[[File:xp3_2step_ga_auth.png|border]]<br /><br />
 
:[[File:xp3_2step_ga_auth.png|border]]<br /><br />
 
'''Important:''' After setting up your preferred user authentication method, be sure to create and save a list of backup codes for access to X-Payments:
 
'''Important:''' After setting up your preferred user authentication method, be sure to create and save a list of backup codes for access to X-Payments:
:* [[#BackupCodesAuthentication | Setting up user authentication with backup codes]]<br /><br />
+
:* [[X-Payments:Setting_up_user_authentication_with_backup_codes | Setting up user authentication with backup codes]]<br /><br />
  
 
Later on, if you need to set up Google Authenticator on a different device, you will have to reconnect the app. Note that to complete the task you will be required to enter a one-time password from your currently connected Google Authenticator app (If you have authentication via SMS/text messages enabled as an additional method, you can also use a one-time password received via SMS/text message instead of the password from Google Authenticator - these passwords are the same and can be used interchangeably).
 
Later on, if you need to set up Google Authenticator on a different device, you will have to reconnect the app. Note that to complete the task you will be required to enter a one-time password from your currently connected Google Authenticator app (If you have authentication via SMS/text messages enabled as an additional method, you can also use a one-time password received via SMS/text message instead of the password from Google Authenticator - these passwords are the same and can be used interchangeably).

Revision as of 01:22, 16 March 2016

X-Payments can be set up to use an authentication method based on using the Google Authenticator application which you install on your phone. The application is connected to your X-Payments installation, after which it can generate one-time passwords that serve as the second piece of evidence to prove your identity after you have entered your X-Payments login and password.

To set up user authentication via the Google Authenticator app, follow these steps:

  1. Install the Google Authenticator app on your phone/mobile device. The installation instructions are available here.
  2. In the X-Payments back end, go to the configuration page for the authentication method based on using Google Authenticator (2-step authentication with Google Authenticator).
    Xp3 2step ga method config.png
    This page opens automatically after you select Google Authenticator as your preferred user authentication method when you log in to X-Payments for the first time. Also, you can access this page at any time using the "Google Authenticator app configure" link on your profile details page (Profile > View details):
    Xp3 2step ga configure link.png
  3. Sync the time on the device where you have installed the Google Authenticator app with the time in X-Payments. Never mind the time zone difference; it is only the minutes and seconds that need to be synchronized. The current time in X-Payments is displayed right on the 2-step authentication with Google Authenticator page:
    Xp3 2step ga method config1.png
  4. Add your X-Payments account to the Google Authenticator App. To do so, scan the QR code on the right-hand side of the 2-step authentication with Google Authenticator page:
    Xp3 2step ga method config2.png
    Or use the Secret code displayed below the QR code to manually register your X-Payments account in the Google Authenticator app:
    Xp3 2step ga method config3.png
  5. To test the configuration, enter a one-time password from your Google Authenticator application on the 2-step authentication with Google Authenticator page and click "Check":
    Xp3 2step ga check.png
    Note that the lifetime of a one-time password is one minute, and the same code cannot be used more than once.

Provided that the password from the Google Authenticator has been entered correctly, you should see a popup message saying that the authentication method has been configured successfully:

Xp3 2step ga check success0.png

Now user authentication via the Google Authenticator app is enabled and configured:

Xp3 2step ga configured.png

At the second step of user authentication, you can now use one-time passwords generated by the Google Authenticator app:

Xp3 2step ga auth.png

Important: After setting up your preferred user authentication method, be sure to create and save a list of backup codes for access to X-Payments:

Later on, if you need to set up Google Authenticator on a different device, you will have to reconnect the app. Note that to complete the task you will be required to enter a one-time password from your currently connected Google Authenticator app (If you have authentication via SMS/text messages enabled as an additional method, you can also use a one-time password received via SMS/text message instead of the password from Google Authenticator - these passwords are the same and can be used interchangeably).

To re-connect the app:

  1. On the configuration page for the authentication method based on using Google Authenticator (2-step authentication with Google Authenticator), click the Re-connect the app button:
    Xp3 2step ga reconnect1.png
    A popup window will be displayed providing a form for you to enter a one-time password from your currently connected app:
    Xp3 2step ga reconnect2.png
    Type in the one-time password from Google Authenticator (or an SMS/text message) and click Enter. The popup window will be closed, and the method configuration page will show the note "The authentication method is not configured!":
    Xp3 2step ga reconnect3.png
  2. Scan the QR code or manually enter the Secret code to re-connect the app.