What’s the Problem with a Simple Username and Password? 

Traditional way of authentication is only with a username and a password. The main problem with this simple authentication approach is….

“An attacker can get full access to the account, by simply getting hold of your password through a hack or guessing it – normally referred to as social engineering”

The problem gets even worse, if you are using the same username password for multiple login accounts.

So What’s the Solution?

The solution is nothing but Multi-Factor Authentication. ie: Use more than one factor for authentication. In other words, you need one more component apart from the regular password, to prove your identity while authenticating.

Using two-factor authentication requires the user to not only know the regular password, but also something unique to the user. Such as a code generated by the user’s smart phone.

Hence the user needs two factors to prove his identity instead of just one.

What do I need to enable two-factor for my VMCentral Account?

The basic requirement for enabling two-factor for VMCentral is a smartphone application(which will provider the second factor for your authentication to VMCentral, apart from your regular password).

You need to first install a Virtual Two Factor Authentication Application on your smartphone.

Some application for different smartphone types are mentioned below.

Platform	Application Name
Android	Google Authenticator
Windows Phone	Authenticator
iPhone (iOS)	Google Authenticator

How do I enable two-factor for my VMCentral Account?

As security of our customer is one of our primary area of focus, we made enabling two-factor for our users as simple as possible.

Once you are logged into your VMCentral account, navigate to EDIT ACCOUNT DETAILS option as shown below.

EDIT ACCOUNT DETAILS section has several sections such as “My Details”, “Credit Card Details”, “Manage Contacts”, “Security Settings” etc. Click on the Security Settings option as shown below.

Under “Security Settings” section, you will get an option to enable two-factor authentication (shown below)

Clicking the above option will take you to a get started page that will walk you through a two step simple process to enable VMCentral two-factor and integrate it to your smartphone application.

The above shown “Get Started” option will take you to your QR code (A Quick Response Code is nothing but black modules arranged in such a way on a white background, that it can be easily read by an imaging device, such as your smartphone’s camera.)

An example is shown below.

As soon as you scan the QR code using the two-factor smartphone application, it will add this as a new integration to your application, and will start generating authentication token codes.

Once after the scanning of the barcode is done, You can press the “Continue” button shown in the above illustration.

VMCentral needs the user to enter one authentication token code, to confirm the integration status.

Once VMCentral confirms the code you entered as shown above, you will be greeted with a message shown below.

 

As mentioned in the above message, note down the Backup code, as it can be used during a crisis situation (like losing your smartphone or tablet device which has your VMCentral two-factor integration)

The next time you login to VMCentral, you will need to enter the two factor code generated by your smartphone as a second factor for authentication, apart from password(Shown Below).

How do I disable two-factor from my VMCentral Account?

You can disable this feature anytime by simply navigating to “Security Settings”  (shown below)

Note: We do not recommend disabling this feature, as this adds an additional security layer

VMCentral requires you to enter the password for disabling this feature (shown below). Please note the fact that this password is your regular normal password and not the authentication code generated by your smartphone device.

Once you have entered your regular password to disable this feature, you will get a confirmation message (shown below.)

After this you will be able to login using the traditional standard method of only entering your VMCentral username & Password (which is less secure).