Two-factor authentication using TOTP for Management by User with admin privileges
Description
This article provides information on how to configure 2-Factor Authentication using Google Authenticator App for Administrator login.
Cause
Many User Login Authentication requires one-time password. SonicOS 6.5.3.1 or later provides additional layer of security with Time-Based One Time Password (TOTP) authentication.
Resolution for SonicOS 7.X
This release includes significant user interface changes and many new features that are different from the SonicOS 6.5 and earlier firmware. The below resolution is for customers using SonicOS 7.X firmware.
1. Create a User
Login to the SONICWALL Appliance, Navigate to DEVICE | Users | Local Users. Click on Add Users
Under the Settings tab, type the username and password and from the drop down list under One-Time password method, select> TOTP
Navigate to Groups Tab, under the Member Of, Add SONICWALL Administrator
2. Download the Google Authenticator App or any other App that supports TOTP such as Microsoft Authenticator, Duo or Free-OTP
3. Login to the SONICWALL Appliance with the User Account created above (Step 1)
4. A QR Code will be displayed on the Screen and an Emergency Scratch code
NOTE: Please store the Emergency Scratch Code as it is the only way to login if the mobile device is lost or reset. The administrator can reset the TOTP binding as well.
5. Open the Google Authenticator App on the Mobile phone and Scan the barcode , Click on Begin
6. Add an Account usingScan a barcode
7. Once the barcode is scanned , the application will provide a 6-digit OTP
8. Enter the OTP under the 2FA Code option on the Appliance Portal
9. Click here to Continue
9. Click on the Manage Tab to Log in
Resolution for SonicOS 6.5
This release includes significant user interface changes and many new features that are different from the SonicOS 6.2 and earlier firmware. The below resolution is for customers using SonicOS 6.5 firmware.
1. Create a User
Login to the SONICWALL Appliance, Navigate to Users | Local Users (The screenshots shown in this article are from Classic Navigation mode). Click on Add option
Under the Settings tab, type the username and password and from the drop down list under One-Time password method, select TOTP
Navigate to Groups Tab, under the Member Of, Add SONICWALL Administrator
2. Download the Google Authenticator App or any other App that supports TOTP such as Microsoft Authenticator, Duo or Free-OTP
3. Login to the SONICWALL Appliance with the User Account created above (Step 1)
4. A QR Code will be displayed on the Screen and an Emergency Scratch code
NOTE: Please store the Emergency Scratch Code as it is the only way to login if the mobile device is lost or reset. The administrator can reset the TOTP binding as well.
5. Open the Google Authenticator App on the Mobile phone and Scan the barcode , Click on Begin
6. Add an Account using Scan a barcode
7. Once the barcode is scanned , the application will provide a 6-digit OTP
8. Enter the OTP under the 2FA Code option on the Appliance Portal
9. Click here to Continue
9. Click on the Manage Tab to Log in
NOTE: This option is available from firmware version 6.5.3.1