Help Center> Cloud Bastion Host> User Guide> Logging In to the CBH System> Configuring Multifactor Verification> Configuring Mobile OTP Login Authentication
View PDF

Configuring Mobile OTP Login Authentication

A mobile OTP is a mobile application that can generate a dynamic password for identity verification. In mobile OTP verification method, both your static login password and a 6-digit one-time password are required for login.

Currently, CBH supports built-in mobile OTP and Remote Authentication Dial In User Service (RADIUS) mobile OTP.

  • Built-in mobile OTP application: WeChat mobile OTP applet
  • RADIUS mobile OTP applications: Google Authenticator and FreeOTP

Constraints

  • Before you enable mobile OTP authentication for the admin user, ensure the admin user has been bound to a mobile OTP. Otherwise, the admin user cannot log in to the CBH system.
  • Ensure that your CBH system and mobile phone have the same system time, accurate to the seconds. Otherwise, the system may prompt that the mobile OTP fails to be bound.

    If the mobile OTP fails to be bound, check and synchronize the time of the CBH system with the mobile phone system. Refresh the page, scan the new quick response (QR) code, and try again.

Step 1: Bind a Mobile OTP as a Common User

  1. Log in to the CBH system using your static password.
  2. On the Dashboard page, click Profile in the upper right corner.
  3. On the displayed Profile page, click the Mobile OTP tab.

    On the displayed page, follow the instructions to bind a mobile OTP.
    Figure 1 Mobile OTP configuration

  4. (Optional) To unbind the mobile OTP, click Unbind on the Mobile OTP tab.

Step 2: Enable Mobile OTP Authentication for a User as the Administrator

  1. Log in to the CBH system as the administrator.
  2. Choose User > User to go to the User management page.
  3. Select a user having mobile OTP bound and click its LoginName.
  4. In the User Setting area, click Edit.

    Figure 2 Editing user setting

  5. In the displayed Edit user settings dialog box, select Mobile OTP for Multifactor Verification.
  6. Click OK.

    The next time the user logs in to the CBH system, they will have to provide a mobile OTP.