In CrushFTP version 9 we can integrate our One Time Password (__[OTP|OTP Settings]__) based authentication feature with Google's software based token device __Google Authenticator__ , using Time based OTP (TOTP). The server provides a 80-bit secret key , on a per user basis, as a QR code, that can be imported using Authenticator's QR reader.\\
\\
!!!Server side configuration\\
Will need to enable one of our __[OTP|OTP Settings]__ methods, using SMS or Mail based OTP, and enable the __Validated logins__ checkbox. The user needs to be able to log in at least once, using conventional __[OTP|OTP Settings]__.\\
\\
[attachments|servercfg001.png]\\
\\
The second step is to configure the user account with __Two Factor Authentication__\\
\\
[attachments|servercfg002.png]\\
\\
and enable the __QR code generator__ in it's __User Options__ menu\\
\\
[attachments|servercfg003.png]\\
\\
\\
!!!Client / token device configuration\\
\\
The user will need to log in using conventional __[OTP|OTP Settings]__, generate the QR code form the client UI __User Options__ menu.\\
\\
[attachments|servercfg004.png]\\
\\
Then open _Authenticator__ on the mobile device, set up new account, choose barcode, point the device towards the screen, read in the QR code.\\
 \\
[{Image src='tokencfg001.png' width='272px' height='..' align='left'}][{Image src='tokencfg002.png' width='272px' height='..' align='left'}][{Image src='tokencfg003.png' width='272px' height='..' align='left'}]\\