Release notes
Configure local user account for MFA with TOTP
Suggest changes
-
PDF of this doc site
-
Cluster administration
-
Volume administration
-
Logical storage management with the CLI
-
-
NAS storage management
-
Configure NFS with the CLI
-
Manage NFS with the CLI
-
Manage SMB with the CLI
-
Manage file access using SMB
-
-
-
Security and data encryption
-
Data protection and disaster recovery
-
Collection of separate PDF docs
Creating your file...
Beginning in ONTAP 9.13.1, user accounts can be configured with multifactor authentication (MFA) using a time-based one-time password (TOTP).
-
The storage administrator must enable MFA with TOTP as a second authentication method for your user account.
-
Your primary user account authentication method should be a user password or public SSH key.
-
You must configure your TOTP app to work with your smartphone and create your TOTP secret key.
TOTP is supported by various authenticator apps such as Google Authenticator.
-
Log in to your user account with your current authentication method.
Your current authentication method should be a user password or an SSH public key.
-
Create the TOTP configuration on your account:
security login totp create -vserver "<svm_name>" -username "<account_username >" -
Verify that the TOTP configuration is enabled on your account:
security login totp show -vserver "<svm_name>" -username "<account_username>"