Skip to main content

Protect Account with TOTP (Time-Based One-Time Password)

How to enhance user's security by using TOTP (Time-based One-time Password)

Ridho Alamsyah avatar
Written by Ridho Alamsyah
Updated over a year ago

When logging in to your DealPOS, you must fill in the password field as authentication to log in. In addition to using a password, you can also improve the security aspect of user login authentication by using TOTP (Time-based One-time Passwords).

TOTP stands for Time-based One-Time Passwords and is a common form of two-factor authentication (2FA). Unique numeric passwords are generated with a standardized algorithm that uses the current time as input. The time-based passwords are available offline and provide user-friendly, increased account security when used as a second factor.

When you're using the TOTP as the second authentication for login, There will be an additional pop-up for inputting the TOTP after you input the user and password in the login page. You can set the TOTP on your DealPOS user by following the steps below.

I. TOTP Configuration

Step 1. Click Store Name, Choose My Profile, then Select TOTP Tab

My Profile

Step 2. Install Authenticator Apps on Mobile Phone

Before you start using TOTP authentication, you have to install the Authenticator Apps on your mobile phone to generate the TOTP. We recommend you to install the Authenticator Apps on your mobile phone using Microsoft Authenticator.

Microsoft Authenticator

Step 3. Click Add Account

Add Account

Step 4. Click Other Account

Other Account

Step 5. Scan QR Code Account on TOTP

Go back to the TOTP menu on DealPOS, and scan the QR code with the Authenticator app.

My Profile

Step 6. Input a 6-digit Code from the Scanned QR in the Validate form then Click Validate

Validate Token

The validation is successful and you can try to log out and log in again to see the update.

Validate Success

II. Using Authenticator

Step 1. Login to DealPOS then Input the Authentication Code

See the TOTP code from the authenticator apps. The code will be changed within a certain time. If the TOTP code is Right, the user will be directly login to DealPOS

Enter TOTP

Step 2. The user was Signed In Successfully

The user will successfully Log in and it will be directed to the Dashboard menu.

Login Success

III. Disable the TOTP Feature (via My Profile)

Step 1. Click Store Name, Choose My Profile, then Select TOTP Tab, and click on the Disable Two Factor Authentication button

Disable Two-Factor Authentication

Step 2. Click Disable Two-Factor Authentication

Disable TOTP

Step 3. TOTP was Disabled

TOTP Disabled

IV. Disable the TOTP Feature (via User menu)

Step 1. Go to the user menu and click on the user whose TOTP is active

Disable TOTP via User

Step 2. Click the Edit button

Edit User

Step 3. Click on the 2 FA menu, tick the Enable button to be not active, and click Update

2 FA Disable

Related Articles

  • If you want to set the login time restriction to restrict users from being able to enter/use the system on the time or day that you specify, you can see this article: Login Time Restrictions

  • You can also set the IP restriction. To set the IP address restriction you can follow this article: Setting Login IP Restriction

  • You can set the auto logout time when the user is idle, To set the logout time you can see this article: Access Token Expires in Configuration

  • If you forgot your password, this article might help you: Forgot my Password Feature

  • If you have a Google Mail account, you can log in with your Google Mail account. To log in using Google Mail, you can follow the steps in this article: Log in with Google Mail

dealpos-demo-indonesia

Did this answer your question?