X-Payments Cloud:Setting up User Authentication with the Google Authenticator App

From X-Payments Help
Revision as of 16:31, 26 November 2019 by Dohtur (talk | contribs) (Created page with "X-Payments Cloud can be set up to use a user authentication method based on using codes from the Google Authenticator application. The idea is simple: You install the app on a...")
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

X-Payments Cloud can be set up to use a user authentication method based on using codes from the Google Authenticator application. The idea is simple: You install the app on a device you own, typically a smartphone, and connect it to your X-Payments Cloud account. The app can generate one-time passwords that serve as the second piece of evidence to prove your identity - in addition to your login and password - when you try to login to X-Payments Cloud.

To set up user authentication via the Google Authenticator app, follow these steps:

  1. Install the Google Authenticator app on your phone/mobile device. The installation instructions are available here.
  2. In the X-Payments Cloud admin panel, go to the configuration page for the authentication method based on using Google Authenticator (Google Authenticator 2nd step verification).
    Xpc google auth2.png
    This page opens automatically after you select Google Authenticator as your preferred user authentication method when you log in to X-Payments for the first time.
    Xpc google auth1.png
    Also, you can access this page at any time using the "Google Authenticator app configure" link on your profile details page (Profile > View details):
    Xpc google auth link.png
  3. Sync the time on the device where you have installed the Google Authenticator app with the time in X-Payments. Never mind the time zone difference; it is only the minutes and seconds that need to be synchronized. The current time in X-Payments is displayed right on the Google Authenticator 2nd step verification page:
    Xpc google auth time.png
  4. Add your X-Payments account to the Google Authenticator App. To do so, scan the QR code on the right-hand side of the 2-step authentication with Google Authenticator page:
    Xp3 2step ga method configuration2.png
    Or use the Secret code displayed below the QR code to manually register your X-Payments account in the Google Authenticator app:
    Xp3 2step ga method configuration3.png
  5. To test the configuration, enter a one-time password from your Google Authenticator application on the 2-step authentication with Google Authenticator page and click "Check":
    Xp3 2step ga checking.png
    Note that the lifetime of a one-time password is one minute, and the same code cannot be used more than once.

Provided that the password from the Google Authenticator has been entered correctly, you should see a popup message saying that the authentication method has been configured successfully:

Xp3 2step ga check success0.png

Now user authentication via the Google Authenticator app is enabled and configured:

Xp3 2step ga configured.png

At the second step of user authentication, you can now use one-time passwords generated by the Google Authenticator app:

Xp3 2step ga auth.png

Important: After setting up your preferred user authentication method, be sure to create and save a list of backup codes for access to X-Payments:

Later on, if you need to set up Google Authenticator on a different device, you will have to reconnect the app. Note that to complete the task you will be required to enter a one-time password from your currently connected Google Authenticator app (If you have authentication via SMS/text messages enabled as an additional method, you can also use a one-time password received via SMS/text message instead of the password from Google Authenticator - these passwords are the same and can be used interchangeably).

To re-connect the app:

  1. On the configuration page for the authentication method based on using Google Authenticator (2-step authentication with Google Authenticator), click the Re-connect the app button:
    Xp3 2step ga reconnect1.png
    A popup window will be displayed providing a form for you to enter a one-time password from your currently connected app:
    Xp3 2step ga reconnect2.png
    Type in the one-time password from Google Authenticator (or an SMS/text message) and click Enter. The popup window will be closed, and the method configuration page will show the note "The authentication method is not configured!":
    Xp3 2step ga reconnect 3.png
  2. Scan the QR code or manually enter the Secret code to re-connect the app.