admin/3engines_doc
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
faadd4e38dda6a2c55fb47bbf6a080438be50b03
3engines_doc/docs/accountmanagement/Two-Factor-Authentication-for-3Engines-Cloud-Site.html.md
govardhan faadd4e38d brand changed
2025-07-04 09:34:25 +05:30

213 lines
13 KiB
Markdown
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

---
search: false
---
Two-Factor Authentication to 3Engines Cloud site using mobile application[🔗](#two-factor-authentication-to-brand-name-site-using-mobile-application "Permalink to this headline")
===================================================================================================================================================================================
Warning
Two-Factor Authentication is required for all 3Engines Cloud users. The only exception are accounts which log in using Keystone credentials.
Traditionally, the most basic way to implement security online was to authenticate users and companies with a pair of usernames/passwords. Most usernames are email addresses and if email address is breached, the bad actor can probably learn your password too. What once used to be secure enough is not secure now because of easy access to refined brute force methods, availability of computing power at scale, social engineering methods, identity theft and so on.
The way to overcome this limitation is to introduce two or more factors or types of user authentication. These could be
> * something the user knows (email address, the name of their first pet etc.)
> * something the user has (token generator, smartphone, credit card etc.) or
> * biometric information such as fingerprint, iris, retina, voice, face and so on.
Logging into the 3Engines Cloud site uses two-factor authentication, meaning you will have to supply two independent types of data:
> * the “classical” username and password, as well as
> * the numeric code supplied by a concrete mobile app.
This article is about using mobile devices to authenticate to the cloud. If you want to use your computer to do that, see [Two-Factor Authentication to 3Engines Cloud site using KeePassXC on desktop](Using-KeePassXC-for-Two-Factor-Authentication-on-3Engines-Cloud.html.md).
You will first have to install one of the following two mobile applications, for Android or iOS mobile operating systems:
> * [FreeOTP](https://freeotp.github.io/), where OTP stands for One Time Password, or
> * [Google Authenticator](https://googleauthenticator.net/).
We can use “mobile authenticator” as a generic term for a mobile app that can help authenticate with the account.
Which One to Use FreeOTP or Google Authenticator?[🔗](#which-one-to-use-freeotp-or-google-authenticator "Permalink to this headline")
--------------------------------------------------------------------------------------------------------------------------------------
You can use FreeOTP with Google accounts instead of Google Authenticator app.
If you already use Google Authenticator app for other accounts, you may prefer it over FreeOTP.
Warning
If your accounts are protected by Google Authenticator and it stops working, then you risk losing **all** the data that were behind those protected accounts. The most common scenario is to switch to a new phone number and then not be able to verify the accounts via a text message to the previous phone number.
In this tutorial, you are going to use the FreeOTP app.
Warning
If you lose access to QR codes and cannot log into the Horizon site for 3Engines Cloud, ask Support service to help you by sending email to the following address [support@3Engines.com](/cdn-cgi/l/email-protection#80f3f5f0f0eff2f4a6a3b3b7bba6a3b5b2bba6a3b4b8bbe3eceff5e4e6e5f2f2efa6a3b4b6bbe3efed).
What We Are Going To Cover[🔗](#what-we-are-going-to-cover "Permalink to this headline")
---------------------------------------------------------------------------------------
> * How to start using the mobile authenticator
> * How to locate, download and install FreeOTP app on your mobile device
> * How to set up FreeOTP app and connect it to your 3Engines Cloud account
> * How to get new code each time you want to enter the site
Prerequisites[🔗](#prerequisites "Permalink to this headline")
-------------------------------------------------------------
Use only one of the four possible combinations for two apps and two app stores.
No. 1 **FreeOTP app in Google Play Store**
Download [FreeOTP app in Google Play Store using this link](https://play.google.com/store/apps/details?id=org.fedorahosted.freeotp).
No. 2 **FreeOTP app in iOS App Store**
Download [FreeOTP app in iOS App Store using this link](https://apps.apple.com/la/app/freeotp-authenticator/id872559395).
No. 3 **Google Authenticator in Google Play Store**
Download [Google Authenticator in Google Play Store using this link](https://play.google.com/store/apps/details?id=com.google.android.apps.authenticator2&hl=en&gl=US).
No. 4 **Google Authenticator in iOS App Store**
Download [Google Authenticator in iOS App Store using this link](https://apps.apple.com/us/app/google-authenticator/id388497605).
Warning
You should install the authenticator app **before** trying to log into the 3Engines Cloud site.
You are now going to download, install and use the FreeOTP app to authenticate to 3Engines Cloud site.
Step 1 Download and Install FreeOTP from the App Store[🔗](#step-1-download-and-install-freeotp-from-the-app-store "Permalink to this headline")
-----------------------------------------------------------------------------------------------------------------------------------------------
Using the App Store icon from the desktop of your iOS device, locate app called **freeotp**. A screen like this will appear:
[![otp01.png](../_images/otp01.png)](../_images/otp01.png)
Tap on GET and the app will start downloading to your device.
[![otp02.png](../_images/otp02.png)](../_images/otp02.png)
It may take a minute or so and then install it by tapping on button Install.
[![otp03.png](../_images/otp03.png)](../_images/otp03.png)
Once installed, type on **Open** and the app will run. At first, there will be no tokens to work with:
[![otp04.png](../_images/otp04.png)](../_images/otp04.png)
Note
FreeOTP can also use tokens to secure access to the remote site. The 3Engines Cloud site uses QR code, so that is what you will use in this tutorial. (Both “token” and “QR scan” denote a secure connection to the site, but use different techniques in the process.)
Step 2 Scan QR and Create Brand[🔗](#step-2-scan-qr-and-create-brand "Permalink to this headline")
-------------------------------------------------------------------------------------------------
Select a brand, which means select an icon that will make your tokens stand out graphically. If you will employ this app only to get access to 3Engines Cloud, you may select whichever icon you want.
[![otp05.png](../_images/otp05.png)](../_images/otp05.png)
In the next step, you may require that the phone is unlocked when the token is to be activated. Choose that if you are afraid someone might steal your phone and get access to your 3Engines Cloud data that way.
[![otp07.png](../_images/otp07.png)](../_images/otp07.png)
Clicking on **information** icon will show you legal details about this app.
[![otp08.png](../_images/otp08.png)](../_images/otp08.png)
To scan the QR code, use a QR like icon in the upper part of the screen, like this:
![eefa_freeotp_qr_icon.png](../_images/eefa_freeotp_qr_icon.png)
Click on it to get to the scanner part of the application and read the QR code from the login screen.
Note
The QR code will appear on screen when you first try to log into the 3Engines Cloud site (see below).
[![eefa_qr_screen_creodias.png](../_images/eefa_qr_screen_creodias.png)](../_images/eefa_qr_screen_creodias.png)
Step 3 Create a Six-digit Code to Enter Into the Login Screen[🔗](#step-3-create-a-six-digit-code-to-enter-into-the-login-screen "Permalink to this headline")
-------------------------------------------------------------------------------------------------------------------------------------------------------------
Finally, you will see a row within the FreeOTP app, with the icon you chose and with the code that will appear automatically. For instance, the code is **289582** and that is the code that you need to enter when the site asks you for *One-time code*.
[![otp09.png](../_images/otp09.png)](../_images/otp09.png)
If you created several tokens or repeatedly scanned QR code from the screen, you may see the appropriate number of rows on the mobile screen:
[![eefa_several_rows.png](../_images/eefa_several_rows.png)](../_images/eefa_several_rows.png)
Tapping on any of these will produce the six-digit code that you have to type into the entry form to get logged in. Only one of these will be the right one, in this case, the first row produces the correct six-digits code for 3Engines Cloud site.
[![eefa_tapped.png](../_images/eefa_tapped.png)](../_images/eefa_tapped.png)
You are now ready to log into the 3Engines Cloud site using the two-factor authentication.
How to Start Using the Mobile Authenticator With Your Account[🔗](#how-to-start-using-the-mobile-authenticator-with-your-account "Permalink to this headline")
-------------------------------------------------------------------------------------------------------------------------------------------------------------
Use the usual link <https://horizon.3Engines.com> to log into your 3Engines Cloud account and choose 3Engines Cloud in the input menu.
[![eefa_start_creodias.png](../_images/eefa_start_creodias.png)](../_images/eefa_start_creodias.png)
Click on blue button Sign In and enter your username / email and password:
[![eefa_sign_regular_creodias.png](../_images/eefa_sign_regular_creodias.png)](../_images/eefa_sign_regular_creodias.png)
If the data you entered has not already been linked to two-factor authentication, the next screen will be **Mobile Authenticator Setup**:
[![eefa_mobile_auth_setup_creodias.png](../_images/eefa_mobile_auth_setup_creodias.png)](../_images/eefa_mobile_auth_setup_creodias.png)
This screen will contain the QR code that you have to read from using the mobile authenticator app, in this case, the FreeOTP app.
At this moment, start using the mobile device activate the FreeOTP first if not already active, scan the QR code with the QR icon and, as explained above, get the six-digit code on the mobile device screen.
Retype that six-digit code into the **One-time code** field on computer screen. It is denoted by an asterisk, meaning that it is mandatory to enter a value into this field.
You can use the field **Device Name** to remind yourself on which device was the mobile authenticator app installed on.
Click on **Submit** and you will be brought back to the **Sign in** screen from the beginning:
Logging Into the Site Once the Two-Factor Authentication is Installed[🔗](#logging-into-the-site-once-the-two-factor-authentication-is-installed "Permalink to this headline")
-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Here is the workflow in one place, with all of the screens repeated for easy reference.
Use the usual link <https://horizon.3Engines.com> to log into your 3Engines Cloud account and choose 3Engines Cloud in the input menu.
[![eefa_start_creodias.png](../_images/eefa_start_creodias.png)](../_images/eefa_start_creodias.png)
Click on blue button **Sign In** and enter your username / email and password:
[![eefa_sign_regular_creodias.png](../_images/eefa_sign_regular_creodias.png)](../_images/eefa_sign_regular_creodias.png)
Since the two-factor authentication is already installed, you will only see the window to enter the six-digit code.
[![eefa_restart_login_creodias.png](../_images/eefa_restart_login_creodias.png)](../_images/eefa_restart_login_creodias.png)
Now activate the mobile authenticator app and get the code on the device screen, for instance, like this:
[![eefa_tapped.png](../_images/eefa_tapped.png)](../_images/eefa_tapped.png)
In this case, the code is 828966. Enter it into the form, **Submit** and you will be logged in.
[![eefa_logged_in_creodias.png](../_images/eefa_logged_in_creodias.png)](../_images/eefa_logged_in_creodias.png)
Note
If the FreeOTP app is in the foreground on the mobile device while you are submitting the username and password, the app will react automatically and the proper six-digit code will appear on its own on the authenticator device.
### What To Do Next[🔗](#what-to-do-next "Permalink to this headline")
As mentioned in the beginning, you can use your computer for two-factor authentication see article [Two-Factor Authentication to 3Engines Cloud site using KeePassXC on desktop](Using-KeePassXC-for-Two-Factor-Authentication-on-3Engines-Cloud.html.md).
Either using mobile device or computer to authenticate, you will be logged into Horizon. You will then need to activate access to 3Engines Cloud cloud API functions and be able to run **3Engines** command. Please see article [How to activate 3Engines CLI access to 3Engines Cloud cloud using one- or two-factor authentication](How-to-activate-3Engines-CLI-access-to-3Engines-Cloud-cloud-using-one-or-two-factor-authentication.html.md).
To learn how to manage your TOTP secret key, visit the following article: [How to manage TOTP authentication on 3Engines Cloud](How-to-manage-TOTP-authentication-on-3Engines-Cloud.html.md) - it can be useful if you, for instance, want to use a different method of authentication, are unable to extract your secret key from currently used piece of software such as FreeOTP and do not have your secret key backed up in a readable way.
Reference in New Issue View Git Blame Copy Permalink