| Section |
|---|
| Column |
|---|
| IntroductionSimilar to the Deepnet MobileID, Google Authenticator is an OATH compliant One-Time Password generator. Google Authenticator is officially available on iPhone, Android and Blackberry. Deepnet DualShield authentication server natively supports Google Authenticator, in very much the same way that it supports Deepnet MobileID. This document describes how users can use Google Authenticator with DualShied. This policy provides options that control Google-Authenticator/Time-Based Authentication (another OATH compliant One-Time Password generator that works in a similar fashion to MobileID); The following system policy settings are for the policy "GoogleAuthenticator/Time Based default policies", in the category "GoogleAuthenticator/Time Based";  Image Modified
|
| Column |
|---|
| 
|
|
The GoogleAuthenticator/Time-Based policy settings can be edited by left clicking on the context menu of the policy and selecting "Edit"";
...
| Section |
|---|
| Column |
|---|
| 
|
| Column |
|---|
|
| Expand |
|---|
|
| Panel |
|---|
| borderColor | grey |
|---|
| bgColor | #F8F8F8 |
|---|
| borderStyle | dashed |
|---|
| The category for this policy is "GoogleAuthenticator/Time-Based" (this property cannot be edited). |
|
| Expand |
|---|
|
| Panel |
|---|
| borderColor | grey |
|---|
| bgColor | #F8F8F8 |
|---|
| borderStyle | dashed |
|---|
| The holder of this policy is "System" (this property cannot be edited). |
|
| Expand |
|---|
|
| Panel |
|---|
| borderColor | grey |
|---|
| bgColor | #F8F8F8 |
|---|
| borderStyle | dashed |
|---|
| The name assigned to identify the GoogleAuthenticator/Time Based default policy by the System Administrator. |
|
| Expand |
|---|
|
| Panel |
|---|
| borderColor | grey |
|---|
| bgColor | #F8F8F8 |
|---|
| borderStyle | dashed |
|---|
| The System Administrator may use this field to annotate this policy. |
|
| Expand |
|---|
|
| Panel |
|---|
| borderColor | grey |
|---|
| bgColor | #F8F8F8 |
|---|
| borderStyle | dashed |
|---|
| This option allows the System Administrator to enable or disable this policy. |
|
| Expand |
|---|
| title | Maximum Number of Tokens: |
|---|
|
| Panel |
|---|
| borderColor | grey |
|---|
| bgColor | #F8F8F8 |
|---|
| borderStyle | dashed |
|---|
| The maximum number of GoogelAuthenticataor tokens allowed in a user account (enter "0" if there is no limit). |
|
| Expand |
|---|
| title | Token Lifetime (days): |
|---|
|
| Panel |
|---|
| borderColor | grey |
|---|
| bgColor | #F8F8F8 |
|---|
| borderStyle | dashed |
|---|
| This value indicates how many days the token will be active (enter "0" if there is no limit). |
|
| Expand |
|---|
|
| Panel |
|---|
| borderColor | grey |
|---|
| bgColor | #F8F8F8 |
|---|
| borderStyle | dashed |
|---|
| 
This value specifies the maximum number of passcodes that can be kept in the History List (this list is used to avoid repeat usage of recent passcodes). |
|
| Expand |
|---|
|
| Panel |
|---|
| borderColor | grey |
|---|
| bgColor | #F8F8F8 |
|---|
| borderStyle | dashed |
|---|
| This option allows the system administrator to allow users to logon whilst offline. |
|
| Expand |
|---|
|
| Panel |
|---|
| borderColor | grey |
|---|
| bgColor | #F8F8F8 |
|---|
| borderStyle | dashed |
|---|
|  Image Modified
In order to use MobileID Authentication in DualShield, the user must first have a MobileID token in their user account in the DualShield Server. The token can be manually created by the system administrator for the user using the DualShield Management Console or manually created by the DualShield Server if the MobileID's policy is set up to automatically provisioning tokens to users. - Automatically provision token
Automatically create a token for a user when needed.
- Manual
Tokens will be sent manually to users.
|
|
| Expand |
|---|
|
| Panel |
|---|
| borderColor | grey |
|---|
| bgColor | #F8F8F8 |
|---|
| borderStyle | dashed |
|---|
| 
This field determines how DualShield deploys the MobileID client to a user; - Automatically push
DualShield will automatically send the MobileID download link via the specified Message Channel.If the Token Authorisation Code is required and its policy is set to automatically send Authorisation Code, then the Authorisation Code will also be sent in the same message. To complete automatic provisioning of clients you will also need to configure the Message Channel fields "Primary Delivery Channel:" and "Secondary Delivery Channel:"
- Manual
DualShield will not send out a download link to the user (the user will need to find and download the MobileID from app stores).
|
|
Expandable Policy Sections |
|
The expandable sections can be broken down as follows;
EXPIRATION
| Include Page |
|---|
| DualShield6:GoogleAuthenticator: Expiration |
|---|
| DualShield6:GoogleAuthenticator: Expiration |
|---|
|
| Anchor |
|---|
| TokenActivation |
|---|
| TokenActivation |
|---|
|
TOKEN ACTIVATION
| Include Page |
|---|
| DualShield6:GoogleAuthenticator: Token Activation |
|---|
| DualShield6:GoogleAuthenticator: Token Activation |
|---|
|
| Anchor |
|---|
| ChannelSystem |
|---|
| ChannelSystem |
|---|
|
DELIVERY CHANNELS USED BY THE SYSTEM
| Include Page |
|---|
| DualShield6:GoogleAuthenticator: Delivery Channel Used by the System |
|---|
| DualShield6:GoogleAuthenticator: Delivery Channel Used by the System |
|---|
|
DELIVERY CHANNELS AVAILABLE TO USERS
| Include Page |
|---|
| DualShield6:GoogleAuthenticator: Delievery Channels Available to Users |
|---|
| DualShield6:GoogleAuthenticator: Delievery Channels Available to Users |
|---|
|
TOKEN DOWNLOAD
| Include Page |
|---|
| DualShield6:GoogleAuthenticator: Token Download |
|---|
| DualShield6:GoogleAuthenticator: Token Download |
|---|
|
| Anchor |
|---|
| Synchronisation |
|---|
| Synchronisation |
|---|
|
SYNCHRONISATION
| Include Page |
|---|
| DualShield6:GoogleAuthenticator: Synchronisation |
|---|
| DualShield6:GoogleAuthenticator: Synchronisation |
|---|
|
PIN
| Include Page |
|---|
| DualShield6:GoogleAuthenticator: PIN |
|---|
| DualShield6:GoogleAuthenticator: PIN |
|---|
|