IBM Support

QRadar EDR (formerly ReaQta): Managing two-factor authentication

How To


Summary

This article describes how to enable and disable two-factor authentication for QRadar EDR (formerly ReaQta) Hive dashboard users.

Steps

Enable two factor authentication

Two-factor authentication can be enabled at the time of  creating a new user, as described here, or later from Manage Users page.
Steps to enable two-factor authentication from dashboard GUI:
  1. As an administrator user, go to Administration > Manage Users.
    createuser1
  2. Click the user that you want to enable two-factor authentication. A user details page appears. Select View User.
    view user
  3. Click the edit symbol against 2FA on Profile section of the user.
    2fa
  4. In the dialog box that appears, toggle the Require for this user option.
    toggle
  5. Once it is enabled, you see the following message, which indicates it is required for the user:
    not enabled
  6. For the user that you enabled two-factor authentication for, these steps must be performed to set it up.
    1. The user is presented with the following message to set up two-factor authentication.
      image-20220401140839-1
    2. Click Start Setup.
    3. You are asked to confirm your password:
      image-20220401140927-2
    4. Next, you are presented with a QR code, which you can scan by using any application that can generate six-digit time-sensitive passwords. Scan the code and enter the 6-digit TOTP (time based one-time password).
      otp
    5. Click Confirm.
    6. You would be presented with recovery codes, which can be used in case you lose access to second-factor device.
      recovery
    7. Finally, you are presented with a license agreement page followed by changing the temporary password with a permanent one.
  7. Now you are able to log in to the dashboard with two-factor authentication required every time.
  8. Alternatively, nonadministrative users can enable two-factor authentication for their account.
    1. If you log in as nonadministrative user for the first time, you are presented with a license agreement page followed by changing the temporary password with a permanent one.
    2. Go to User account icon on upper right of the dashboard and click My Profile.
      image-20220401143119-3
    3. Click the edit symbol against 2FA on Profile section of the user as mentioned in step 5 previously.
    4. You are prompted to confirm user password.
      image-20220401143505-5
    5. Once confirmed, you are presented with QR code.
    6. Scan the code, enter the TOTP, and download the recovery codes.
    7. Click Done.
    8. Second-factor authentication is now enabled for the user account each time you log in to the system
      image-20220401143810-6

Disable two-factor authentication

Only Administrator users can disable two-factor authentication for all types of users.
Steps to disable two-factor authentication:
  1. As an administrator, go to Administration > Manage Users.
    createuser1
  2. Double-click the user that you want to disable two-factor authentication.
  3. A user details page appears. Select View User.
    view user
  4. Click the edit symbol against 2FA on Profile section of the user.
    image-20220401145856-1
  5. Toggle the Require for this user option and click Remove user's two factor button.
    image-20220401151231-2
  6. Two factor authentication is now disable for the user:
    image-20220401150228-2

Related Information

ReaQta : Creating dashboard users

Document Location

Worldwide

[{"Type":"MASTER","Line of Business":{"code":"LOB24","label":"Security Software"},"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SSVOEH","label":"IBM Security ReaQta"},"ARM Category":[{"code":"a8m3p000000hBSPAA2","label":"Administrative Tasks-\u003EUsers"}],"ARM Case Number":"","Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"All Versions"}]

Product Synonym

ReaQta

Document Information

Modified date:
17 May 2023

UID

ibm16568697

Page Feedback