Administration – OTP Security Authentication

  Customer Administration

This article deals with setting up two-factor (OTP) authentication for access to the customer administration panel. You can find additional security methods in the article Administration – Customer Account Security.

In this article, you will learn:

How OTP Works

OTP stands for One Time Password. It is a six-digit single-use code that is valid for 30 seconds. After this time, a new password is generated based on the so-called shared key. You create this key when you activate OTP authentication and it is stored both on our server and in the device you use as an authentication tool. As long as the device and the server are synchronized with each other, the passwords based on the key match and you can log in with them.

Given the OTP code length and the limited time of its existence, it is very unlikely that an attacker would guess it. In combination with the regular customer account password, it is therefore quite an effective protection.

OTP Authentication Prerequisites

First, make sure you have an up-to-date mobile phone number and email address set up with your customer account. If you lose your authentication device, we will use this data to verify your identity and restore access.

To generate the one-time password itself, you use a device on which you read the corresponding one-time code at a given time. You will most commonly use your mobile phone with these applications:

If your phone does not support mobile apps, you can use a browser extension:

OTP Activation

If you have:

  • set up an up-to-date mobile phone number and email address in the customer administration panel, and
  • an OTP generator prepared in a mobile phone or browser,

you can proceed to enable OTP authentication. Follow these steps:

  1. Log into the customer administration panel.
  2. In the navigation bar, select My Account >> Customer.
  3. In the left menu, click Account Security.
  4. In the Two-Factor Authentication (OTP) section, click the Set OTP button.
  5. Enter the shared key into your authentication device, or scan the QR code.
  6. Enter your customer account password and a valid OTP code.
  7. Click the Activate button.
WEDOS Activating the OTP authentization
Activating the OTP authentication

The next time you log in, the system will prompt you to enter the OTP password.

If you enter a wrong password or another error occurs during activation, delete the existing account from the keychain and start the whole process again. The system will generate a new shared key and invalidate the old one.

You can run the application on multiple devices with a single shared key. You can therefore use a backup solution in case of failure or loss of one device.

OTP Deactivation

If you have access to the customer administration panel, follow the same steps as with activating OTP, but in Account Security, click the Disable button in the Two-Factor Authentication (OTP) section instead.

WEDOS Deactivating OTP
Deactivating OTP

Lost OTP Device

If you do not have access to the customer administration panel due to the loss of the OTP authentication device, follow these steps:

  1. Enter your customer administration panel username and password.
  2. In the next step, click the I lost my OTP keycard button.
  3. Check your mailbox. Within 5 minutes of sending the request, click the link in the email WEDOS Internet – Deactivate OTP from wedos@wedos.com.
  4. Follow the link and click the Send SMS button.
  5. Enter the SMS code.
  6. Complete CAPTCHA and click the Send button.
WEDOS Deactivate OTP using email link
Deactivate OTP using email link

OTP is now disabled.

Common Issues

Common problems with OTP authentication include:

OTP Activation Failed

Issue: Due to an error, the activation did not complete correctly.

Solution: Delete the shared key from the device and activate OTP again from the beginning.

Unavailable Email or Phone

Issue: We want to disable OTP but we don’t have access to that email or phone.

Solution: Contact us via the form. Provide your account login email and OTP deactivation request. The WEDOS authorization department will usually get back to you within 1 working day.

FAQ

Question: How do I get an OTP generator if I don’t have a smartphone?
Answer: All sorts of OTP generators exist, including browser extensions.

Question: Can I have more keychains? How do I set them up?
Answer: You can also add them later by displaying the shared key in the customer admin panel.

Děkujeme za zpětnou vazbu!