Access Keyword 2FA explained
How to enable/disable Access Keyword 2FA (Two-factor Authentication)in Ezeelogin?
Access keywords is a two-factor mechanism used for securing the GUI and the ssh backend. Ideally, it would be phrases that can be easily remembered. They should never be written down and should be stored only in your memory.
How to enable Access Keyword 2FA (Two-factor Authentication) in Ezeelogin?
Navigate to Settings -> General -> Two Factor Authentication -> Enable Access Keyword.
Example of phrases that can be used for Access keywords would be a phrase like "top dog bites".
The access keyword can be set by the user as follows. The access keyword should have a minimum of 10 characters and at least 4 unique characters.
Once set the web GUI would ask for the characters from 3 different positions while authenticating. As you can see below, we need to enter the characters from the first, seventh, and twelfth positions within the phrase.
As, you can see, we had used the phrase "top dog bites",so we would enter the character that would come in the first, seventh, and twelfth positions within the phrase, which would be 't', 'g', and 'e'. Note that, space is a character and would be counted. For, example the character in the fourth position would be the space character in which case we would simply enter the 'space' key.
The access keyword would have to enter to access the backend shell as well. In this case, we would need to enter the characters in the fourth, eighth, and twelfth positions within the phrase. Looking at the phrase "top dog bites", it would be the space character, the space character again in the eighth position, and 'e' in the twelfth position.
How to disable Access Keyword 2FA (Two-factor Authentication) from the backend?
Run the below commands to disable and clear google authenticator. Replace username to disable access keyword for that user.
This error happens when we enforce Two-Factor authentication without enabling any of the Two-Factor authentications. Run the following command to disable Force Two Factor Authentication.
[email protected] ~]# php /usr/local/ezlogin/ez_queryrunner.php "update prefix_settings SET value = 0 WHERE name = 'two_factor_auth'"
[email protected] ~]# php /usr/local/ezlogin/ez_queryrunner.php "update prefix_usergroups SET force_tfa = 'N'"
How to disable Access Keyword 2FA (Two-factor Authentication) from the GUI?