Configure local user account for MFA with TOTP
-
PDF of this doc site
- Cluster administration
-
Volume administration
- Logical storage management with the CLI
-
NAS storage management
- Configure NFS with the CLI
- Manage NFS with the CLI
-
Manage SMB with the CLI
- Manage file access using SMB
- Security and data encryption
- Data protection and disaster recovery
Collection of separate PDF docs
Creating your file...
Beginning in ONTAP 9.13.1, user accounts can be configured with multifactor authentication (MFA) using a time-based one-time password (TOTP).
-
The storage administrator must enable MFA with TOTP as a second authentication method for your user account.
-
Your primary user account authentication method should be a user password or public SSH key.
-
You must configure your TOTP app to work with your smartphone and create your TOTP secret key.
TOTP is supported by various authenticator apps such as Google Authenticator.
-
Log in to your user account with your current authentication method.
Your current authentication method should be a user password or an SSH public key.
-
Create the TOTP configuration on your account:
security login totp create -vserver "<svm_name>" -username "<account_username >"
-
Verify that the TOTP configuration is enabled on your account:
security login totp show -vserver "<svm_name>" -username "<account_username>"