\\
!!! Constraints:  It requires Enterprise License.\\
\\
__OTP / MFA / 2FA settings:__\\
\\
This settings allows you to configure __Two Factor__ authentication.\\
This feature also supports software-based authenticator applications such as __Google Authenticator__ and __Microsoft Authenticator__. For more information, see the  [Authenticator Link|Authenticator]\\
\\
OTP's are primarily intended for web interface logins. Variants like __Google Authenticator (TOTP)__ would be straight meaningless for __FTP__, __SFTP__, since it's impossible enroll anyways.\\
\\ 
A hidden flag in __prefs.XML__ controls for which protocols OTP should be enabled by default:\\
\\
{{{
<twofactor_secret_auto_otp_enable_protocols>ftp,ftps,sftp,http,https,webdav</twofactor_secret_auto_otp_enable_protocols>
}}}\\
\\
You can customize the OTP token length by going to Shares([Manage Shares Link|Manage Shares]) -> General Settings, and adjusting the value in the __Length of auto-generated username and password__ input field.\\
\\
[OTP Settings/otp_token_length_config.png]\\
\\
----
!1. Ensure that Validated Logins is enabled to allow two-factor authentication\\
\\
[OTP Settings/otp_validate_logins.png]\\
\\
__[DMZ|DMZ]__ - Main node scenario: on __Preferences -> General Settings -> OTP section__ the __Validated Logins__ option must be enabled on the DMZ node, so the DMZ gives the two-factor authentication to the Main node.\\
----
!2. 	Supported OTP Methods\\
!2.1 SMS OTP Configuration\\

 - You must have a twilio account.
Using Twilio: [Twilio Link|https://www.twilio.com/]
----
__⚠️ Proxy Configuration:__ If your server accesses the internet through a proxy, make sure to whitelist the following domain: __api.twilio.com__\\
----
The __ACCOUNT SID__ as __Username__ and __AUTH TOKEN__ as __Password__:\\
[OTP Settings/twilio3.png]
\\
URL: 
{{{

https://{otp_username}:{otp_password}@api.twilio.com/2010-04-01/Accounts/{otp_username}/Messages.json

}}}\\
\\
API post :
{{{

To={otp_to}&From={otp_from}&Body={otp_token}

}}}\\
\\
Provide your twilio phone number.\\
\\
[OTP Settings/otp_sms.png]\\
\\
__⚠️ Note__: The configuration will apply only to users who have a phone number (Go to [User Manager] -> Select the user).\\
\\
[OTP Settings/otp_user_settings_phone.png]\\
\\
!2.2 Email OTP Configuration\\
\\
Email usage requires an __SMTP Server__ configured in the __Preferences -> General Settings__ (See at [General Settings]). __Note:__ Make sure your SMTP server is properly configured and functioning.\\
\\
__URL:__ SMTP \\
__⚠️ Note:__ Just those 4 uppercase letters, nothing else.\\
\\
[OTP Settings/otp_email.png]\\
\\
This configuration applies only to users who have an email address and have the __Two-factor OTP/SMS authentication__ flag enabled in the [User Manager].\\
\\
The email can be customized by creating an __Email Template__ (More info at [Email Templates]): __Two Factor Auth__\\
\\
[otp_email_template.png]\\
\\
__⚠️ Note__: Variable for the One Time Password:\\ 
{{{
{auth_token}
}}}\\
\\
You can personalize the __OTP Email Content__ for individual users by creating an __Extra Text Reference__ on the user account. Then, insert that reference into the email template to customize the message per user.\\
\\
[OTP Settings/otp_user_extra_text_ref.png]\\
\\
Like :
{{{
{user_x_otp_email_body}
}}}\\
\\
[OTP Settings/otp_email_template2.png]\\
\\
----
!3. Configuring OTP Settings for Users\\
\\
To enable OTP for a user (Go to [User Manager] -> Select the user, or choose the __default__ user to apply the settings to all users), check the __Two-factor OTP/SMS authentication__ setting in the user configuration.\\
\\
Make sure the required __protocol__ is enabled.\\
\\
__(Optional)__ You can also configure the OTP to remain valid for multiple days.\\
\\
[OTP Settings/otp_user_settings.png]\\