Introduction
Welcome to our fictional social network Veebr. Today’s goal is to create an account and implement 2FA. But first you need to download an app!
Why download an app? For 2FA, you need something you know (your password), and something unique - in this case a code generated by an app.
The something unique created through the app creates a “Time-based One-Time Password” (TOTP). The code only works once, and only within a certain time frame. You might already know the Google Authenticator app, which generates these codes, but there are a number of different apps that offer TOTP.
For this exercise, you need to download FreeOTP:
If you are already using the authenticator app, you can use this for the exercise instead.
Now that you have a TOTP app installed on your mobile device, you need to create an account on Veebr. Do this by clicking on sign up in the next page, and then just follow the process.
Veebr login
Thank you for signing up.
Please enter your username and password to log in.
Register your free Veebr account
Please enter a unique username and a strong password.
Veebr
Welcome! Before you explore the platform, you need to enable 2FA. Go to Settings and follow the instructions.Settings
Our social network doesn't have many settings yet, but we do offer 2FA. Protect your account by enabling this.
Two-factor authentication (2FA)
2FA is enabled for this account. Use your FreeOTP app to generate a token and continue.
Sorry..
That code is not correct, please go back and try again.
Registration
When you register a TOTP token, you are usually presented with a QR code just like the one you can see below.
Go ahead and start up the FreeOTP Authenticator App. Then tap on the small QR-code icon in the top right corner:
Now aim the camera at the QR code and wait for the App to recognize the QR code. Sometimes moving the camera a bit backward or forward can help focus the image.
Once the app has scanned the QR code, continue to the next step.
Verification
After you have registered 2FA, the next step is to verify that the QR code was scanned correctly. You do this to prevent being locked out of your user account.
How do you verify that the app has correctly scanned the QR code? Generate a TOTP token by tapping on the entry in the app. This token is a code consisting of 6 numbers.
Tip: Next to the code there is a clock. Remember the Time-based One Time Password has an expiration date. When the clock runs out, a new token will be generated - so if there are only a few seconds left on the clock, wait for the next token.
When you are ready, enter your token (6 number code) here:
Congratulations
You have successfully verified that you can use the token you just configured in the FreeOTP App!
To continue with this exercise, please logout of Veebr and log back in.
Sorry..
That code is not correct, please go back and try again.
Something went wrong..
Something appears to have gone wrong, sorry about that! If this continues to happen to you please report it to your course mentor.