Setting up multifactor authentication
Requesting the Yubico API key
An API key must be requested for configuration. For this purpose, use the following link and enter an e-mail address: https://upgrade.yubico.com/getapikey/
Yubikey will then generate a One Time Password. The Yubikey used must only be touched in the right place.
The One Time Password is entered directly into the corresponding field.
Once the general terms and conditions have been approved, the API Key can be requested.
Configuring the Yubikey API
The actual setting up of the multifactor authentication is carried out on the AdminClient in the * Database * module. First select the required data base; then open the “Features” in the ribbon.
The Yubico Client ID and the Yubico Secret Key must then be entered and saved.
The interface is now ready and can be used.
Configuring multifactor authentication for users
Multifactor authentication can be configured in the Password Safe client. It can be done by the user themselves in Backstage in the menu. It is also possible for the configuration to be applied to other users in the module . The procedure is identical in both cases. In order to configure the Yubikey, simply select Yubico One Time Password and enter the name for the multifactor authentication.
And then click on save. Now click in the field for the token and create a token using the Yubikey. For Yubikey NEO, you only need to touch the touch panel. The same applies to Yubikey Nano.
The token is entered directly into the corresponding field. The multifactor authentication is configured once you’ve clicked on save.
Logging in with the Yubikey
To login with Multifactor Authentication, the database is first selected and then User Name and Password are entered and confirmed.
After the first password authentication, another field for the One Time Password is displayed.
Click on the field to highlight it, and enter the One Time Password by touching the Yubikeys.
The user is now logged on.