Further, ISA supports various authenticator apps that provide Time-based OTPs (TOTP) for Two-Factor Authentication. This removes the dependency on mobile networks for SMS OTPs and avoids deadlock scenarios where users can access corporate email for email OTPs only after the ISA User Agent is connected.
InstaSafe Authenticator supports TOTP-based authentication on iOS and Android devices. A user profile can be added to the Authenticator either by entering the username and password or by scanning the user's QR code from the user's profile page on the ISA web portal.
Opening the QR code on the ISA web portal
Open a web browser and open the ISA web console login page.
Enter the username and password of the user.
Click Sign In.
When the user is prompted to select a method to receive the OTP, select OTP via SMS or OTP via Email.
Enter the OTP obtained in your email or via SMS.
Select Verify OTP.
Once logged in, click the user profile on the top right side of the screen.
Select QR Code. The QR code option is listed only if Two-Factor Authentication is enabled for the user.
The QR code is displayed.
On your mobile device, open the InstaSafe Authenticator app. For more information on installing and configuring InstaSafe Authenticator, refer to the KB article "Installing and configuring the ISA Authenticator app".
Select Login with mPin or use biometric authentication.
Enter the pin.
Select Verify.
At the bottom right, select the plus (+) icon.
Select Add Profile.
Select QR Code.
Allow camera access.
Scan the QR code displayed on the web portal.
Once the QR code is verified, the user is added to the app. The TOTP for the user is displayed.
Click Submit.
Once the OTP is verified, a message that the OTP is verified successfully is displayed at the bottom-left of the screen.
The QR code is now attached to the authenticator app and is not available for scanning by other authenticator apps. However, manually adding the user to an authenticator app using the username and password is still possible. To verify, click the QR code option again.
Open a web browser and go to the ISA web console login page. Enter the username and password of the user and sign in.
When the user is prompted to select a method to receive the OTP, select TOTP on Authenticator.
On the InstaSafe Authenticator, copy the OTP generated.
On the OTP prompt window, enter the OTP generated on the InstaSafe Authenticator app.
Select Verify OTP.
The user is successfully logged into the ISA web console.
When a QR code is attached to the authenticator app of a user, it becomes disabled and inaccessible for scanning by other authenticator apps. While this safeguards the user's QR code from unauthorized access, it can pose a challenge if the user's mobile device is lost or breaks down. In such situations, the user may need to install the authenticator app on a new device but won't be able to scan the disabled QR code. In these cases, the ISA web portal administrator can re-enable and generate a new QR code. The following section provides instructions on re-enabling the QR code.
Enter the username and password of the user.
Click Sign In.
When the user is prompted to select a method to receive the OTP, select OTP via SMS or OTP via Email.
Enter the OTP obtained in your email or via SMS.
Select Verify OTP.
Once logged in, click the user profile on the top right side of the screen.
Select QR Code.
The new QR code is displayed.
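The following Python sketch is an added example, not InstaSafe code. It models the behaviour described above: a standard RFC 6238 TOTP, a QR code that is hidden once the first code is verified, and an administrator re-enable that issues a new QR code. The Enrollment class, its method names, the secret rotation on re-enable and the replay check are assumptions made for illustration.

```python
import base64, hashlib, hmac, secrets, struct, time

def new_secret():
    return base64.b32encode(secrets.token_bytes(20)).decode()

def totp(secret_b32, at=None, step=30, digits=6):
    """RFC 6238 TOTP with HMAC-SHA1, as generic authenticator apps compute it."""
    key = base64.b32decode(secret_b32)
    counter = int((time.time() if at is None else at) // step)
    mac = hmac.new(key, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F                      # dynamic truncation (RFC 4226)
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)

class Enrollment:
    """Hypothetical server-side record of one user's TOTP enrollment."""
    def __init__(self, secret=None):
        self.secret = secret or new_secret()
        self.qr_available = True     # QR may be shown until an app attaches
        self.last_counter = -1       # highest time step already accepted

    def show_qr(self):
        """Secret to render as a QR code, or None once it is attached."""
        return self.secret if self.qr_available else None

    def verify(self, code, at=None, step=30, window=1):
        """Accept codes within +/- window steps; refuse reused time steps."""
        now = time.time() if at is None else at
        for drift in range(-window, window + 1):
            t = now + drift * step
            counter = int(t // step)
            if counter > self.last_counter and hmac.compare_digest(
                    totp(self.secret, t, step), code):
                self.last_counter = counter
                return True
        return False

    def attach(self, code, at=None):
        """First verified code binds the secret to one app and hides the QR."""
        if self.qr_available and self.verify(code, at):
            self.qr_available = False
            return True
        return False

    def admin_reenable(self):
        """Lost device: issue a new secret (assumed) and show the QR again."""
        self.secret = new_secret()
        self.qr_available, self.last_counter = True, -1
```

Rotating the secret on re-enable means codes from the lost device no longer verify, which is the property that makes the re-enable step safe to hand to an administrator.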
Conclusion
InstaSafe Authenticator enhances secondary authentication by way of Time-based One-Time Password (TOTP).