Authenticator App

The authenticator app method is a type of two-factor authentication that uses a mobile application to generate one-time codes for account verification. After setting up the authenticator app on their device, the user links it to their Zammad account.

How it works

When logging in, the user is prompted to enter a time-sensitive code generated by the app, in addition to their password. This code acts as the second factor of authentication, providing an extra layer of security as it changes periodically and is unique to the user’s device.

Security Code in Google Authenticator App

The app generates codes based on a shared secret key stored securely on both the user’s device and the server, ensuring a synchronized and secure authentication process. The method of generating the codes is sometimes also called TOTP (time-based one-time password).

Enabling the Authenticator App method

To enable the method, just toggle the switch on in the settings.

Authenticator App Switch in Settings

Now the users will be able to set up this two-factor authentication method for their accounts via “Avatar -> Profile -> Password & Authentication”. Once they do, on next sign-in with password, they will be asked to provide an additional security code generated by their mobile device.