This article will provide instruction to enable Two-Factor Authentication for MyZyxel/Nebula portals using an authenticator app.
Supported Services
MyZyxel Portal
Nebula CC
Overview
Two-Factor Authentication adds another level of security to the MyZyxel portal page and Nebula Cloud Controller by requiring users attempting to login to the account to also provide a 6-digit randomized code to confirm identity. Zyxel provides two options to obtain an OTP token:
Accessing 2FA Feature
Go to https://portal.myzyxel.com and login to your MyZyxel account.
Once logged in click on the user icon on the top right or the window and select the Manage account option.
From the account menu click the "Two-Factor Authentication" option on the left of the window.
By default, this option is disabled. You have the option to have a 2FA code emailed to you or use an authenticator app to generate the code. There are several authenticator apps you can download, Google Authenticator is the most popular, but it is recommended that you download an authenticator app with backup capability. Google's authenticator app does not have backup capability (at time of writing), this means that if anything happens to the device where the app is installed, you will lose the ability to authenticate using 2FA. An authenticator app like "Authy" is recommended for this very reason. Authy allows you to backup 2FA accounts to the cloud and sync to several devices.
Using Authenticator App
To enable the Two-Factor Authentication feature, do the following:
- Toggle the switch to enable the "Two-Factor Authentication" feature.
- Select Google Authenticator.
- Download an authenticator app if you don't have one yet.
- Open the authenticator app on your device and scan the QR code.
- Once the authenticator app is configured it will begin to provide authentication pin numbers. Enter the 6-digit code (PIN) and click the Verify button. This will sync the codes from the authenticator app with myZyxel.
- Once the setup has been successful you will be provided with 10 backup codes, in case you lose authenticator device. Click the Download option to save a copy of the codes to your computer. Each code can only be used one time.
- If all backup codes are used, you click the Generate New Code option to issue 10 new backup codes. Download the new codes after generating.
Now when you attempt to login to MyZyxel or Nebula Cloud account you will be prompted for a 2FA code after entering the correct username and password.
Using Email Code
To enable the Two-Factor Authentication feature, do the following:
- Toggle the switch to enable the "Two-Factor Authentication" feature.
- Select Email Verification.
- An email will be sent to the myZyxel registered email address. Enter the 6-digit code to verify email and click the Verify button.
- Enter a backup email account in the "Backup email" field and click Next.
- Two-Factor Authentication using email address is now configured. Click Save to apply the settings.
Now when you attempt to login to MyZyxel or Nebula Cloud account you will be prompted for a 2FA code. An email will be sent to your primary email address (myZyxel registration email).
If for some reason your primary email account is down, select the option to "Use Backup Email Address". A 6-digit access code will be sent.
Backup Codes
The "Backup Codes" are needed in case you do use an app such as Google Authenticator and your device is lost or damaged in a way that will prohibit you from obtaining a 2FA code from the app. A backup code from the list of 10 can be used for the 2FA process so you can access the admin screen and reconfigure your 2FA settings with your new device.
Comments
0 comments
Please sign in to leave a comment.