Skip to content

Installing and Configuring the InstaSafe Authenticator App

An organization may choose to increase their security posture with InstaSafe Secure Access’s (ISA) built-in Two Factor Authentication (TFA) that will prompt users for an OTP delivered to the registered email address and mobile number.

Further, ISA supports various authenticator apps to provide Time-based OTPs (TOTP) for Two-Factor Authentication. This would effectively eliminate the dependency on mobile networks for SMS OTPs and avoid deadlock scenarios where users can access corporate email for email OTPs only after the ISA User Agent is connected.

InstaSafe Authenticator supports TOTP and push notification-based approval. The Authenticator supports iOS and Android devices; however, the MFA push notification menu is not displayed for MacOS and Linux users. Instead, the OTP field is displayed without giving the option to the user to choose the method to receive the OTP.

This article provides guidance on how to configure the InstaSafe Authenticator app for Two-Factor Authentication (TFA).

Installing the InstaSafe Authenticator app

  • Locate InstaSafe Authenticator in App Store or Play Store.
  • Select the download icon.

  • Select Open

Setting mPin

  • In the pop-up window, select Allow.

  • When the app opens, select Authenticate on the home screen.

On the Setup mPin, enter a pin to login to the app and confirm it.

  • Select Save.

  • On the home screen, select Login with mPin.

  • Enter the login pin created earlier.

  • Select Verify.

Adding the ISA Profile

  • Select the plus (+) icon.

Select Add Profile.

  • Select ISA.

  • Enter the sub-domain provisioned to your organisation by InstaSafe.

  • Select Submit.

  • You will be redirected to the ISA authentication page. Enter the username and password of the user.

  • Select Sign In.

Note: If Two-Factor Authentication is enabled for the user, a menu is displayed with methods to obtain the OTP. Select SMS or email to receive the OTP. The MFA push notification menu is not displayed for macOS and Linux users. Instead, the OTP field is displayed without giving the option to the user to choose the method to receive the OTP.

  • Once the user is successfully authenticated, the user is added to the app. The TOTP pin for the user is displayed. A new TOTP pin is generated every 30 seconds. Use the pin for secondary authentication when accessing the ISA web console or connecting the ISA User Agent.

Testing

  • Open a web browser and log into the ISA web console.
  • Enter the username and password of the user and sign in.

  • When the user is prompted to select a method to receive the OTP, select TOTP on Authenticator.

  • On the OTP prompt window, enter the OTP received via the InstaSafe Authenticator App.

  • Click Submit to the submit the OTP.

  • If the option Approve Push Notification on Authenticator was selected, select Approve on the push notification received on the InstaSafe Authenticator App.

Authenticator Devices on the ISA Web Console

When an authenticator device is installed and a user profile added manually to it, as opposed using the QR code, the ISA web console administrator can view the device and the users added to it under the DEVICES & CHECKS > Authenticator Devices page.

_Note: Users with the authenticator app installed and authenticated are displayed on this page only if the user is authenticated manually. If authentication is using the QR code, the user is not displayed on this page. _

The administrator can choose to delete a user. To delete a user:

  • Select the user by clicking the checkbox against the user.

  • Click the Delete button at the top.

  • Click Yes, Delete it! on the confirm pop-up.

Administrators can download the user list by clicking the CSV button at the top.

  • Click the CSV button at the top.

  • An email will be sent to the email address configured in the user profile of the logged in administrator. The administrator will receive the following message at the bottom left of the page:

  • The logged in administrator will receive an email as under

  • Click the Download File button or click the link below and open the file in a spreadsheet application

Conclusion

InstaSafe Authenticator enhances secondary authentication by way of Time-based One-Time Password (TOTP) and push notification-based approval.

Comments