Activating Two-Factor Authentication

Two-factor authentication (2FA) enhances security and meets key compliance standards.

What is two-factor authentication?

The two-factor authentication (2FA) adds another security level to the login via user name and password by requiring the additional input of a one-time password to login to the portal of the icom Router Management. The password will be generated by an app on a separate device (e.g. smartphone) via the TOTP (Time-based One-time Password) algorithm. The user account of the icom Router Management must be registered one-time in the app for this. TOTP is an open standard and a variety of apps are available for various platforms such as the Open Source software FreeOTP.

Setting up two-factor authentication

There are two options for setting up two-factor authentication:

• By the user himself for his user account

• By a user with administrator rights for the entire organisation

How to set up two-factor authentication for your user account

Follow these steps to set up two-factor authentication for your user account.

1. Log in to icom Router Management.

2. Open the Administration → My User Profile page.
   

3. Click on Set up 2FA.
   

4. Scan the code using the authentication app on your mobile phone.

5. Enter the code displayed in the app and click on Activate.
   

6. Please read the instructions carefully, download the recovery codes and keep them in a safe place.

7. Click on Close.

You have now enabled two-factor authentication for your account. The next time you log in, after entering your username and password, you will also need to enter the one-time code generated by the app.

How to disable two-factor authentication for your user account

You can disable two-factor authentication at any time by clicking on Deactivate 2FA. To disable it, you will need to enter a one-time code generated by the app.

How to set up two-factor authentication for the entire organisation

Necessary rights!

To set up two-factor authentication for the entire organisation, you must have administrator rights in icom Router Management.

Follow these steps to set up two-factor authentication for the entire organisation.

1. Log in to icom Router Management.

2. Open the Administration → Settings page.
   

3. Click on Enforce 2FA.
   If 2FA has not yet been set up for your user account, you must set it up now, as described in step 3 above.

You have now enabled two-factor authentication for the entire organisation. Users who have not yet set up two-factor authentication for their own user account will need to do so the next time they log in.

How to disable two-factor authentication for the entire organisation

You can disable two-factor authentication for the entire organisation at any time by clicking Deactivate 2FA as mandatory. To deactivate this, you must enter a one-time code generated by the app. This simply removes the requirement for users to set up 2FA if they have not already done so. Users who already have 2FA enabled must manually deactivate 2FA for their user account.

Checking 2FA settings for individual users

Users with administrator rights can see which users have enabled two-factor authentication in the 2FA column of the user list on the Administration → Users page.