Google Authenticator Enrollment
Table of Contents
About Google Authenticator | Back to Top |
The lab uses the Google Authenticator app as another means of multi-factor authentication (MFA). This MFA method can be used to connect to the Virtual Private Network (VPN), login nodes (such as login.jlab.org, acclogin.jlab.org, scilogin.jlab.org, hallgw.jlab.org) to get to Farm and QCD interactive nodes, and when logging into jlab.org on the web.
To enroll in Google Authenticator, please first email helpdesk@jlab.org requesting access. A token will be assigned to you. and you will receive an email from 2factor@jlab.org to your JLab email address with instructions on installing the required app and activating your token.
Setting Up Your Google Authenticator Token | Back to Top |
1. Install Google Authenticator
Install the Google Authenticator app from your device's app store. This token can technically be enrolled in most multi-factor authentication apps, but is meant for the Google Authenticator app.2. Open the enrollment link from the SafeNet Authentication Service Self-enrollment email
3. Scan the QR Code or click the link to enroll your token
You can scan the QR code using your Google Authenticator app, or click the link below the QR code to enroll the token on the device the Self-Enrollment page is opened on.
5. Initialize the Token
Back on the browser page where you first got your QR code, there is a field promoting you to enter your OTP code. In the 'Enter your OTP' field, input the temporary server-side PIN from below this text-box, followed by the current OTP in your app (without spaces or a ‘+’ ).
6. Set up Your Own PIN
Once that is completed you should be promoted to create your own 6-8 digit PIN number. This is the PIN you will enter, followed by the 6-digit OTP from the app, each time you authenticate using Google Authenticator. Despite the displayed instructions, this PIN can only be 6-8 digits.
Once you create your own pin and confirm it, you should be greeted with a page saying you have successfully enrolled. This pin will expire in 6 months, in which case, the user will need to reset it.
How do I sign in using Google Authenticator? | Back to Top |
Username: JLab CUE Username
Password: Google Authenticator PIN, followed by OTP from the app
You username will be the same one you use for wifi and jlab.org, but your "password" will be the PIN that you set followed by the auto-generated OTP on the screen. No spaces in between.
Acronyms
- MFA: multi factor authentication
- Systems using MFA require you to present two or more verification factors to access them
- CUE: common user environment
- Your JLab CUE username and password are the ones you use to sign into jlab.org
- OTP: one-time-passcode
- This is the 6-digit code generated by your MFA token
- (OTP) PIN: one-time-passcode personal identification number
- Each MFA token you set up will have a 6-8 digit PIN associated with it
- While PINs may have the same numbers, they are each distinct, and distinct from your Smart Card login PIN(s)