Two-factor authentication (2FA)

PreviousSSL Certificate Management in Binalyze AIR NextPost-Deployment Configuration Guide

Last updated 7 months ago

Was this helpful?

Two-factor authentication (2FA)

In Binalyze AIR, two-factor authentication (2FA) is a security feature designed to enhance user account protection by requiring two forms of verification when logging in. This adds an additional layer of security on top of the traditional username and password. With 2FA enabled, even if a user's password is compromised, unauthorized access to the account is significantly harder to achieve.

Some key points about 2FA in Binalyze AIR:

LDAP User Compatibility with 2FA: Binalyze AIR supports two-factor authentication (2FA) for LDAP users. You can easily configure 2FA directly from the account settings within AIR, making the setup process straightforward and efficient.
Administrators can enforce 2FA for all users: This uniform security policy enhances overall security by requiring all users to authenticate with an additional method, such as a one-time password (OTP) sent to a mobile device or generated by an authenticator app.
Individual 2FA Setup and Reset: Users can enable two-factor authentication (2FA) independently in 'Account > Setup Two Factor Authentication'. Global Admin and users with the "user update" privilege can reset 2FA.

Enhanced Security Posture: By enabling 2FA, Binalyze AIR significantly reduces the risk of unauthorized access, even in the event of compromised credentials. This is a critical step in safeguarding sensitive investigation data and maintaining the integrity of digital forensics operations.
User-Friendly Configuration: The integration of 2FA in Binalyze AIR is designed to be user-friendly, making it easy for administrators to enable and enforce 2FA without complex configuration steps.
If you have activated the AIR SSO feature this will override 2FA.

Troubleshooting 2FA Issues: Time Synchronization

If you are experiencing issues with Two-Factor Authentication (2FA) in AIR, it may often be due to time synchronization problems on your system. Ensuring your system's time is correctly synchronized with an NTP (Network Time Protocol) server is crucial for the proper functioning of 2FA.

Steps to Check Time Synchronization:

Run the timedatectl Command: Open a terminal and execute the following command:
```
timedatectl
```
Verify the Output: After running the command, check the output for the following two lines:
- System clock synchronized: yes
- NTP service: active
Here’s an example of what the correct output should look like:
What to Do if the Time is Not Accurate: If your system clock is not synchronized or the NTP service is not active, this could be the root cause of your 2FA issues. To resolve this, you may need to synchronize your system's time using NTP.

How to Synchronize Your System Time:

Enable NTP Synchronization: You can synchronize your system’s time by running:
```
sudo timedatectl set-ntp true
```
Re-check the Time Status: After enabling NTP, re-run the timedatectl command to ensure that the system clock is now synchronized and the NTP service is active.

By ensuring your system’s time is accurate and synchronized, you can help prevent potential issues with 2FA in AIR. If the issue persists even after correcting the time, please contact our support team for further assistance.

PreviousSSL Certificate Management in Binalyze AIR NextPost-Deployment Configuration Guide

Last updated 7 months ago

Was this helpful?

Some key points about 2FA in Binalyze AIR:

LDAP User Compatibility with 2FA: Binalyze AIR supports two-factor authentication (2FA) for LDAP users. You can easily configure 2FA directly from the account settings within AIR, making the setup process straightforward and efficient.
Administrators can enforce 2FA for all users: This uniform security policy enhances overall security by requiring all users to authenticate with an additional method, such as a one-time password (OTP) sent to a mobile device or generated by an authenticator app.
Individual 2FA Setup and Reset: Users can enable two-factor authentication (2FA) independently in 'Account > Setup Two Factor Authentication'. Global Admin and users with the "user update" privilege can reset 2FA.

Enhanced Security Posture: By enabling 2FA, Binalyze AIR significantly reduces the risk of unauthorized access, even in the event of compromised credentials. This is a critical step in safeguarding sensitive investigation data and maintaining the integrity of digital forensics operations.
User-Friendly Configuration: The integration of 2FA in Binalyze AIR is designed to be user-friendly, making it easy for administrators to enable and enforce 2FA without complex configuration steps.
If you have activated the AIR SSO feature this will override 2FA.

Troubleshooting 2FA Issues: Time Synchronization

Steps to Check Time Synchronization:

Run the timedatectl Command: Open a terminal and execute the following command:
```
timedatectl
```
Verify the Output: After running the command, check the output for the following two lines:
- System clock synchronized: yes
- NTP service: active
Here’s an example of what the correct output should look like:
What to Do if the Time is Not Accurate: If your system clock is not synchronized or the NTP service is not active, this could be the root cause of your 2FA issues. To resolve this, you may need to synchronize your system's time using NTP.

How to Synchronize Your System Time:

Enable NTP Synchronization: You can synchronize your system’s time by running:
```
sudo timedatectl set-ntp true
```
Re-check the Time Status: After enabling NTP, re-run the timedatectl command to ensure that the system clock is now synchronized and the NTP service is active.