Two-factor email authentication sends a randomly generated six digit numeric code to the specified email address. Enter that code when prompted at logon. This token code is valid for 60 seconds. If you enter this code after that time,it will not be accepted.
A benefit is that you do not require mobile service to authenticate. However, a potential issue is if your email server does not deliver the email before the 60 second life of the token expires.
The code will be generated and emailed at the time of logon, so you must have email access at that time to be able to receive the code.
To configure an email provider – web-based manager:
1. Go to System > Config > Advanced > Email Service.
2. Enter SMTP Server and Default Reply To address.
3. If applicable, enable Authentication and enter the SMTP User and Password to use.
4. Select a Security Mode, options are: None, SMTPS or STARTTLS.
5. Enter the Port number, the default is 25.
6. Select Apply.
To configure an email provider – CLI:
config system email-server
set server <server_domain-name>
set reply-to <Recipient_email_address>
end
To enable email two-factor authentication – web-based manager:
1. To modify an administrator account, go to System > Admin > Administrators. To modify a user account go to
User & Device > User > User Definition.
2. Edit the user account.
3. Enable and enter the user’s Email Address.
4. Select Enable Two-factor Authentication.
5. Select Email based two-factor authentication.
6. Select OK.
If Email based two-factor authentication option doesn’t appear after selecting Enable Two-factor Authentication, you need to enable it via the CLI as follows.
To enable email two-factor authentication – CLI:
config user local edit <user_name>
set email-to <user_email>
set two-factor email end