How to set up two-factor authentication for Aruba Instant On
No one wants their passwords stolen or their accounts compromised. That’s why two-factor authentication (2FA) has become popular as a second layer of protection, making it harder for attackers to break into your digital accounts.
You might already use 2FA to protect access to your business applications, bank account or your personal email. And if you don’t already use 2FA to protect your Aruba Instant On administrator accounts, we recommend you set it up now.
With 2FA, you use your password plus an additional authentication step to keep your accounts secure. You might use a mobile authenticator app, a USB key that plugs into your device, an SMS passcode or your fingerprint to verify you are who you say you are, but the general steps are similar:
- You log into a website or digital service with your username and password
- Your password is validated by an authentication server, and if correct, you become eligible for the second authentication factor
- The authentication server sends a unique login code (a one-time passcode, or OTP, which is valid for a limited number of seconds) to your second-factor method, such as an authenticator app, which you have already registered while setting up 2FA
- You confirm your identity by providing the additional authentication for the second-factor method and then you are allowed to log in.
Secure your Aruba Instant On account with 2FA
Turning on 2FA to protect your Aruba Instant On administrator accounts is simple and smart.
Start by logging onto the Aruba Instant On portal, then navigate to Account Management in the right corner after login (see below).
Under the Password and Security option, click on Set Up Two-Factor Authentication. A pop-up window will appear like the one below, which provides the QR code or key that should be scanned by the authenticator app. You can also enter the key manually.
Once you click, a recovery code is also presented. Make sure you make a note of this recovery code and check the box to save the password. If you lose access to the account (it happens to the best of us), you will not be able to recover access without this code. Take this step now to avoid frustration later.
Enter the OTP provided by the authenticator app and click Activate two-factor authentication.
After the one-time password is successfully validated, 2FA will be enabled for your Instant On administrator account.
Once 2FA is enabled, your portal login screen will prompt you for the one-time password from the authenticator app each time you logon. Security is on!
Simple steps to ensure account recovery
When you are setting up 2FA, it’s very important to take note of the recovery code from Instant On. 2FA is enabled for each administrator account, not for the entire site.
You can inadvertently lock yourself out of Instant On admin access if you:
- Don’t write down the recovery code when you enabled 2FA
- Use a new phone but don’t transfer the authenticator accounts
- Lose your phone and you can’t transfer your authenticator account and didn’t make a note of the recovery code
You can safeguard access by having another administrator account created for the same site, which can be used later to log in, manage and transfer ownership. Each Instant On account can have up to three administrator accounts.
If you lose access to your admin account, there is no other way to gain access except to use another account and re-create the site to retain access.
Consider using a cloud-based authenticator
A convenient way to ensure that you don’t get locked out of your Instant On admin account is to use a cloud-based authenticator app like Authy or Microsoft authenticator app as an example.
You typically set up your account for the cloud-based authenticator using your mobile number, then your account is verified through WhatsApp, SMS or a phone call. Then add Instant On to your list of accounts, and set up a password that can be used for account recovery.
With a cloud-based authenticator, you can present your second-factor authentication from any device, and from anywhere, even if you lost the original recovery code. If you lose your phone or get a new one, you can quickly deauthorize your accounts.
So download Authy or any other cloud-based authenticator apps from Apple Store or Play Store and get your security—and recovery—on!