To strengthen logon security, EventLog Analyzer supports two-factor authentication (TFA).
If TFA is enabled, EventLog Analyzer will require its users to authenticate using one of the following authentication mechanisms in addition to Active Directory or RADIUS authentication.
Note: As a preventive measure against lockout, it has been made possible for an administrator to skip two-factor authentication during logon.
Setting up Two-factor Authentication
To enable two-factor configuration,
- Login to EventLog Analyzer as an administrator.
- Move to the Settings tab and click Admin Settings > Logon Settings.
- Switch the Two-factor Authentication toggle button to the Enabled position.
- Click on the authentication mechanism of your choice and enter the necessary details.
Note: If multiple authentication options are enabled, the user will be asked to choose one at the time of logging in.
When email verification is enabled, EventLog Analyzer sends a verification code to the configured email address. That verification code would need to be entered to successfully login.
To configure email verification as the second authentication mechanism,
Click the Enable Email Verification check box to enable it.
Enter the subject and body of the email containing the verification code.
Set the priority of the mail according to your requirement.
Click the Macros button at the bottom to include them in the email.
Save to save the email verification settings.
When SMS verification is enabled, EventLog Analyzer sends a verification code via SMS to the configured mobile number. That verification code would need to be entered to successfully login.
To configure SMS verification as the second authentication mechanism,
Click the Enable SMS Verification check box to enable it.
Enter the body of the message containing the verification code.
Click the Macros button at the bottom to include them in the SMS.
Click Save to save the email verification settings.
When verification via Google Authenticator is enabled, a six-digit security code will be generated in the Google Authenticator application in the configured mobile. This code would need to be entered to successfully login.
To configure Google Authenticator as the second authentication mechanism,
Note: Ensure that the client time and device (mobile) time are syncronized.
When verification via RSA SecurID is enabled, the security codes generated by the RSA SecurID mobile app, hardware tokens, or tokens received via mail or SMS would need to be entered to successfully log in.
To configure RSA SecurID as the second authentication mechanism,
When verification via Duo Security is enabled, a six-digit security code will be generated in the Duo Security application in the configured mobile. This code would need to be entered to successfully login.
Note: Ensure that the server time and internet time are syncronized.
To configure Duo Security as the second authentication mechanism,
- Login to your Duo Security account or sign up for a new one and login. For self enrollment steps, go to Duo Self Enrollment.
- Go to Applications and click Protect an Application.
- Search for Web SDK and click Protect this Application.
- Note the Integration Key, Secret Key, and API Hostname.
- In the EventLog Analyzer two-factor authentication menu, select the Enable Duo Security check box and enter the noted down values in appropriate fields.
- Click Save to save the configuration.
Backup Verification Codes
As a backup mechanism against user lockout because of two-factor authentication failure, EventLog Analyzer has backup verification codes. Each user can generate a set of backup verification codes, which will have five, and use one code each time they are unable to login by authenticating using the configured mechanism.
To allow users to login using backup verification codes, enable the Backup Verification Code check box.
To generate backup verification codes, go to Two-factor Authentication in My Account.
Managing Enrolled Users
As an admin, you can view the authentication method users have enrolled for and also remove users’ enrollment for two-factor authentication. To manage enrolled users,
- In the Settings tab, navigate to Admin Settings > Logon Settings.
- Click Enrolled Users at the bottom of the authentication mechanisms list to view the list of users enrolled for two-factor authentication and the authentication method they have chosen.
- To remove a user, select the user and click the delete icon.
Managing Account Two-factor Authentication
To manage the two-factor authentication settings of the logged in account, check Manage Account TFA.