Two-factor authentication

Edit online

An administrator can enable two-factor authentication for all users, which includes designating the default method for two-factor authentication.

Operations management supports the following methods for two-factor authentication:
Email
The email address that you define for obtaining the one-time password can be the same email address that is used as the username or a different one. After your first-time login, you can change which email address to use for two-factor authentication.

If you enable Email, authenticate an email address, which is either the username that is used for login or another email address that you can access to obtain the one-time password. After the email address is successfully added, it is shown in the Email authentication section.

To add another email address, click Add an email to authenticate another email address.

To remove an existing email address, click the Delete icon.

Authenticator application
You can use one of the following third-party authenticator applications:
  • FreeOTP
  • Google Authenticator
  • Microsoft Authenticator

After your first-time login, you can change which authenticator application to use for two-factor authentication.

If you enable Authenticator application, the Authenticator application" page is shown. Complete the following steps:
  1. Install the authenticator application that you want to use. You can use multiple applications or one single application to authenticate different devices.
  2. Open the authenticator application to scan the QR code.
  3. Enter a device name. If you omit the device name, operations management generates a default device name.
  4. Enter the one-time password that is generated by the authenticator application. After the authenticator application is successfully added, it is shown in the Authenticator application section.

You can use the existing application to authenticate another device. To add another authenticator application, click Add an authenticator application.

To remove an existing authenticator application, click the Delete icon. If you want to unbundle that application from operations management, you must also remove your account within that authenticator application.

Tip: If two-factor authentication is enabled when new users log in to operations management for the first time, they must configure two-factor authentication by using the default method that the administrator designated. After users configure their two-factor authentication, they can change their two-factor authentication method, as described in Logging in to the GUI.