What is Multi-factor authentication (MFA)?
To keep online accounts secure, more services are adopting MFA; for example, MFA was recently enabled for the SAP Ariba developer portal. MFA adds an additional layer of protection when accessing a website/application: it requires two pieces of evidence (password + OTP), instead of just one (password), to grant you access. For example, let's assume that you have enabled MFA to access an online service. Even if the password you use to log in to the service has been compromised, your account will still be secure/inaccessible, because an additional piece of evidence, e.g. an OTP, is required to grant access to it.
Enable MFA in your SAP account
You might be aware that SAP accounts support multi-factor authentication. If you haven't enabled it, I encourage you to do so to keep your account secure. You can do this by visiting https://accounts.sap.com to manage your profile. When you enable MFA, you can configure Time-based One-time Password (TOTP) 2FA. Although the SAP Authenticator app is suggested as a means to generate the OTP, it is not the only application you can use to generate the passcode.
Time-based one-time password (TOTP) is a computer algorithm that generates a one-time password (OTP) that uses the current time as a source of uniqueness. Source: Wikipedia - Time-based one time password.
What is in the QR Code?
If you retrieve the text in the QR Code, the content will look something like the following:
otpauth://totp/accounts.sap.com:myemail@xyz.com?secret=HXY8AABBCCDDHUCKVPJZCB4D7GW2YN1E&issuer=accounts.sap.com
This long string follows the URI (Uniform Resource Identifier) string format; see the URI specification, RFC 3986. It is a standard, which is why it is commonly used by multiple online services and why you can get an OTP using different applications/services. Let's unpack the URI:
Now, let's get back to how to generate an OTP.
Generate an OTP
It is common to suggest using a mobile application for 2FA, e.g. SAP Authenticator, but even a mobile device is not necessary to configure the secret key and generate the passcode required for 2FA. Below I will list a few mobile applications/services that you can use to generate OTPs. As explained before, this is a standard, so it is possible to generate an OTP with multiple applications/services. It is likely that you already use one of the applications/services listed below, and it is just a matter of configuring a new account on them.
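Because the QR code holds an ordinary otpauth:// URI, a short script can read its fields and compute the same code an authenticator app shows. The Python below is an added example, not code from the original post or from SAP: the sample URI and its secret (the RFC 6238 test key) are constructed, and the 6-digit, 30-second, HMAC-SHA1 defaults are assumed because the page's URI sets no other parameters.

```python
import base64
import hashlib
import hmac
import struct
from urllib.parse import urlsplit, parse_qs, unquote

# Constructed sample URI (not a real account). The secret is the RFC 6238
# test key "12345678901234567890" encoded in Base32.
SAMPLE_URI = ("otpauth://totp/accounts.sap.com:user@example.com"
              "?secret=GEZDGNBVGY3TQOJQGEZDGNBVGY3TQOJQ&issuer=accounts.sap.com")

def parse_otpauth(uri):
    """Split an otpauth://totp URI into its fields and decode the secret."""
    parts = urlsplit(uri)
    if parts.scheme != "otpauth" or parts.netloc != "totp":
        raise ValueError("not an otpauth://totp URI")
    params = {k: v[0] for k, v in parse_qs(parts.query).items()}
    secret = params.get("secret", "").replace(" ", "").upper()
    try:
        # Base32 allows only A-Z and 2-7; pad to a multiple of 8 characters.
        key = base64.b32decode(secret + "=" * (-len(secret) % 8))
    except Exception as exc:
        raise ValueError("secret is not valid Base32") from exc
    if not key:
        raise ValueError("missing secret")
    return {
        "label": unquote(parts.path.lstrip("/")),   # issuer:account name
        "issuer": params.get("issuer"),
        "key": key,                                  # shared secret: protect like a password
        "digits": int(params.get("digits", 6)),      # assumed default
        "period": int(params.get("period", 30)),     # assumed default, in seconds
    }

def totp(key, unix_time, digits=6, period=30):
    """RFC 6238 TOTP using HMAC-SHA1 over the number of elapsed periods."""
    counter = struct.pack(">Q", int(unix_time) // period)
    mac = hmac.new(key, counter, hashlib.sha1).digest()
    offset = mac[-1] & 0x0F                          # dynamic truncation (RFC 4226)
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)

if __name__ == "__main__":
    import time
    cfg = parse_otpauth(SAMPLE_URI)
    print(cfg["issuer"], cfg["label"],
          totp(cfg["key"], time.time(), cfg["digits"], cfg["period"]))
```

The secret printed in the URI above contains the characters 8 and 1, which are outside the Base32 alphabet, so parse_otpauth rejects it. Anyone who holds a valid secret can generate the same codes, so the QR code and its text should be stored as carefully as the password itself.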
Now that you are familiar with multi-factor authentication and know different applications/services you can use to generate OTPs, make sure you enable it for all services that offer the functionality so you can keep your online accounts secure.