At Cloud.net we understand how important security is. You only have to look at recent events in the news to see what can happen when Internet services don’t have multiple layers of security, allowing unauthorized people gain access to your data and information.
So today, we are happy to announce that we have just finalized and deployed our two-factor authentication system.
What is two-factor authentication?
Two-factor authentication (a.k.a. multi-factor authentication, or TFA, T-FA, or 2FA) is a way to verify your authenticity by providing two ways to identify yourself to the system to gain access: something you know plus something you have.
Something you know is usually a password or a PIN. That’s often the way people gain unauthorized access to your information, by doing brute force trials to guess what it is, or getting hold of it from a place where it has been written down, stored in a file or leaked.
Something you have is different. It’s a device or item you must have in your possession. It can be as simple as a fob, or something more complex, like an application that randomly generates the second part of the access – this is now widely used by the banking industry. The point is, access depends on a physical something that you have on your person.
Cloud.net two-factor authentication
So here’s how it works at Cloud.net. The first part of the two-factor authentication is your Cloud.net password. The second part is provided by the Google Authenticator App running on your Android or iOS phone. It’s an App that you pair with your account here at Cloud.net.
The App creates random tokens on your phone that refresh every 30 seconds, and during that 30 second window you can enter the token displayed to log in to your Cloud.net control panel. Only your phone, that is paired with your account, can generate the correct token. Otherwise access is denied. So in order for anybody to gain access to your account, they will need both your password, and your phone with the paired App.
How do you enable two-factor authentication?
First you login to your Cloud.net account at https://jager.cloud.net:
Now select “Account” from the left side menu. You will notice a new section at the bottom for two-factor authentication. Click on the “Manage Two Factor Authentication” button:
Now you are taken to the area where you will see a QR Code. You must scan this code with your Google Authenticator App, which you can grab here:
Once you have installed the App on your device, just follow the instructions to add a new site. The App will prompt you to scan the QR Code. Once scanned you are presented with a Token that you must immediately enter in the Token field in Cloud.net:
Once you enter the token, just click the “Enable Two Factor Authentication” button and you’re done. The next time you log in to your account, you will be presented with this view after you enter your username and password:
This will require you to open the App on your phone and enter the Token being displayed at the time. Then you’ll have access to your control panel.
But what happens if you lose your phone?
If you lose your phone you can still log in using “Recovery Tokens”. These can be downloaded on the two-factor authentication section of the cloud.net, but you must ensure you keep these tokens well protected. As an alternative, you can contact firstname.lastname@example.org with a copy of your ID, and request that we disable your two-factor authentication so you can log in again.
If you do lose your phone and you use the recovery tokens, you should immediately access your account here at Cloud.net, and reset your two-factor authentication. This will ensure the pairing done with your old phone will no longer be valid.
We hope you appreciate this additional security layer. Feel free to provide feedback at http://feedback.cloud.net!