How to Set Up Two-Factor Authentication in the Antispam Portal

Two-factor authentication (2FA) is an additional layer of security used to protect your SpamTitan account from unauthorised access. If 2FA is enabled, a user provides their username and password on login and then must also provide an additional piece of information known only to them. This additional piece of information is a one-time password, regenerated every thirty seconds.

Go to Settings > User Management > Two-Factor Authentication (2FA) to manage 2FA settings.

Important

If you are a SpamTitan Gateway client using 2FA, it is recommended you use NTP (Network Time Protocol) synchronisation to ensure your system clock is in sync. It is not possible to log in using your 2FA device if your system clock drifts out of sync. However, your backup codes will still work.

Go to System Setup > Time > NTP to enable NTP.

Follow the steps below to set up the Two-Factor Authentication:

1. Before continuing, you must download and install an authenticator phone app. 

2. Scan the QR code using the authenticator app 

Note: If you are unable to scan the QR code, manually enter the OTP (One Time Password) secret provided in the OTP secret field

3. In the code, enter the code generated from the authenticator phone app. 

4. Click Register.

Recovery Codes

A set of recovery codes are generated when 2FA is enabled. Store these codes carefully as they are the only way to access your SpamTitan account if the device you registered 2FA on is lost.

The recovery codes are one-time use and they must be used in sequential order.