Netsparker Cloud users can enable two-factor authentication, or as also known two-step verification to add an extra layer of security to their Netsparker Cloud account. When you enable two-factor authentication, when logging in to Netsparker Cloud you will be asked for your password and a one-time code. Configuring it is very easy, as I will explain in this article.
Enable Two-factor Authentication on Netsparker Cloud
- Login to your Netsparker Cloud account
- Click on the Security node under Your Account menu entry and click on Enable two-factor Authentication.
- Install a two-factor authentication app on your phone. A popular choice is Google Authenticator and you can download it from Google Play or Appstore.
- Once you install the app on your phone launch it and scan the QR Code displayed on your Netsparker Cloud dashboard, as highlighted below.
- Once scanned the mobile app should add a Netsparker Cloud verification code entry as seen in the below screenshot (the screenshot was taken using the Google Authenticator app).
- Enter your Netsparker Cloud password in the Current Password input field and the 6 digit code showing on your mobile app in the input field underneath.
- Click Configure to finalize the setup.
The next time you login to Netsparker Cloud you will be asked for your email and password as per usual, and then you will be asked for the one time code from your mobile app. Should you not be able to access the mobile app during login use one of the recovery codes as explained in the following section.
Recovery Codes for Netsparker Cloud Two-factor Authentication
Once you setup two-factor authentication in Netsparker Cloud, the service will generate ten recovery codes as highlighted in the below screenshot.
Copy the recovery codes and keep them in a secure place where only you and other trusted users can access. Recovery codes are only needed when you need to login and do not have access to the two-factor authentication mobile app to generate a one time code.
Using the Recovery Codes
If you need to login to Netsparker Cloud and you do not have access to the mobile app to generate a one time code, enter your email and password and when asked for the one time code specify one of the recovery codes.
A recovery code can only be used once and should you use all recovery codes disable and enable two-factor authentication again to regenerate new recovery codes.