Introduction

TOTP has been adopted as Internet Engineering Task Force standard RFC 6238.

Configuring Multi-Factor Authentication in the Security Enhanced Directory Manager

1. As an administrator in Joget Settings > Directory Manager, choose the Security Enhanced Directory Manager  and select Time-based One-time Password (TOTP) Authenticator for the Multi Factor Authenticator property.

   

2. Once the TOTP Authenticator has been enabled, users will be able to enable MFA individually in their user profile.

Activating Multi-Factor Authentication as a User

1. As a user, download and install a TOTP compatible mobile app. For example, on Android and iOS, you can use Google Authenticator or Microsoft Authenticator.

   

2. In your Joget profile page, click on the Activate button in the Time-based One-time Password (TOTP) Authenticator property at the bottom of the form.

3. A popup dialog will appear showing the secret key and a barcode. 

   

4. Using the TOTP mobile app, scan the barcode or key in the secret key. The TOTP mobile app will create a new account.

   Save the secret key in a safe place, in case you need to reactivate your account e.g. in case of a lost device.

5. Key in the current generated code displayed in the TOTP mobile app into the Password field and click on Submit. If the code is valid, MFA is will be activated.

   

6. On subsequent logins, you will be prompted for a TOTP code password.

Deactivating Multi-Factor Authentication

1. As a user, you can disable MFA by clicking on the Deactivate button in your user profile.

2. Administrators can also disable MFA for a specific user by selecting the user under Setup Users and clicking on the Deactivate MFA button.