Multi Factor
Multi-factor authentication (MFA) is a security system that requires multiple forms of verification to authenticate a user’s identity and grant access to a system. Instead of relying solely on a password, MFA typically combines something the user knows (like a password) with something they have (such as a smartphone or email address for receiving a code).This layered approach significantly enhances security by making it harder for unauthorized users to gain access, even if they obtain one factor of authentication.
Multi Factor Configuration
To go to the Multi Factor Configuration you will need to go to the
System->Tools->Multi Factor->Configuration
To create a new one you will need to Click on Add Configuration button on the top right of the screen.
The following screen will open:
Field Name | Description |
Name | Name of the Configuration |
Type | Type of the Multi Factor Authentication TOTP(APP) or Email |
Enable Groups | Groups that will be able to use Multi Factor Authentication |
Label | Configuration’s Label that will be shown on the app |
Status | Enabled or Disabled. Weather the session is enabled or disabled. |
Note: Both types of Multi Factor Authentication are suggested to be enabled in order to deal with unforeseen events(such as phone out of charge or unable to access email).
Enabling Email MFA in Deepser
Email MFA(Multi Factor Authentication) is possible in Deepser. In order to enable it you will have to choose the type Email in the Multi Factor Configuration.
Field Name | Description |
Name | Name of the Configuration |
Type | Type of the Multi Factor Authentication TOTP(APP) or Email |
Enable Groups | Groups that will be able to use Multi Factor Authentication |
Status | Enabled or Disabled. Weather the session is enabled or disabled. |
Mailbox | The configured mailbox that will be used to send out the code via email |
Mail Template | The email template that will be received via email |
Token Valid Time | The time that the received code is valid for |
After all of the fields are completed, whenever you try to log in the code will be sent to the email of the account.
Now every time you try to log in you will have to enter the MFA code received via email.
Depending on how you have configured the email template, this is how it will look like on the email.
In case you fail to insert the code within the chosen Token Valid Time, the following screen will appear which notifies you.
Useful guides: Out-going mailbox , Email Templates , OAuth Client for Email Integration
Enabling APP MFA in Deepser
In order to activate the MFA in deepser you will need to go to your account settings.
Afterwards you will need to go the Security tab.
To enhance security, Deepser utilizes multi-factor authentication (MFA), which integrates an additional verification step involving a secondary device, typically a mobile phone.
You can verify your identity using an authenticator app like Authy, Google Authenticator, Microsoft Authenticator. For this guide, we are going to use Authy.
Scan this QR code through the app; it will display a 6 digits code which you need to enter below to enable login by app.
Using Authy App, you will have to Add An Account and then scan the QR code shown on account settings of deepser.
After you have scanned it, you would be able to see the configuration settings you set before, which you can also change whenever you need to from deepser or through the app.
After you have saved the settings, the 6 digit code will appear on your mobile screen, which you are required to enter in the Account Security Field.
And after the correct code has been set, you have to click on Verify and the following screen will appear:
Now every time you try to log in you will have to enter the MFA code in the authentication app.
Please note that each verification code generated for Deepser’s multi-factor authentication (MFA) remains valid for 30 seconds, after which a new code is automatically generated.
Authentication Request
Each request for log in is stored and saved in Deepser. You can view it by heading to
System->Tools->Multi Factor->Authentication Request.
Field Name | Description |
User | The user that requested to log in |
Session ID | Unique ID for each log in session |
State | Shows if the log in was verified or not |
Generated At | The date and time the request was generated |
Attempts | How many times did it take for the user to set the correct authentication code |
Last Attempt At | Date and Time the user last tried to log in |
Last User Agent | Web Browser or Application that was most recently used to access Deepser |
Last IP Address | Numerical Label of the most recent device network that was used to access Deepser |
Status | Enabled or Disabled. Weather the session is enabled or disabled. |