
Configure local user account for MFA with TOTP

Contributors netapp-aherbin

Beginning in ONTAP 9.13.1, user accounts can be configured with multifactor authentication (MFA) using a time-based one-time password (TOTP).

Before you begin
  • The storage administrator must enable MFA with TOTP as a second authentication method for your user account.

  • Your primary user account authentication method should be a user password or public SSH key.

  • You must configure your TOTP app to work with your smartphone and create your TOTP secret key.

    Microsoft Authenticator, Google Authenticator, Authy, and any other TOTP-compatible authenticator are supported.

Steps
  1. Log in to your user account with your current authentication method.

    Your current authentication method should be a user password or an SSH public key.

  2. Create the TOTP configuration on your account:

    security login totp create -vserver "<svm_name>" -username "<account_username>"

  3. Verify that the TOTP configuration is enabled on your account:

    security login totp show -vserver "<svm_name>" -username "<account_username>"
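
If the TOTP configuration is enabled but the codes from your authenticator app are rejected, clock drift on the smartphone is a common cause. The following is an added example, not NetApp code: it computes RFC 6238 codes and reports how many time steps the app's clock is off from a reference clock. The 30-second step, 6-digit length and HMAC-SHA-1 are assumptions (common authenticator-app defaults; this page does not state the parameters ONTAP uses), and the function names and sample key are constructed for illustration.

```python
import base64
import hashlib
import hmac
import struct
import time


def totp(secret_b32, at, step=30, digits=6):
    """RFC 6238 code (HMAC-SHA-1) for Unix time `at`.

    step and digits are assumed defaults, not values taken from ONTAP.
    """
    s = secret_b32.replace(" ", "").upper()
    key = base64.b32decode(s + "=" * (-len(s) % 8))  # restore stripped padding
    counter = struct.pack(">Q", int(at) // step)      # 8-byte big-endian step count
    mac = hmac.new(key, counter, hashlib.sha1).digest()
    off = mac[-1] & 0x0F                              # dynamic truncation (RFC 4226)
    val = struct.unpack(">I", mac[off:off + 4])[0] & 0x7FFFFFFF
    return str(val % 10 ** digits).zfill(digits)


def find_drift(secret_b32, shown_code, now, step=30, max_steps=10):
    """Return k such that shown_code is valid at now + k*step, or None.

    k == 0: clocks agree. k > 0: the app's clock runs ahead of `now`.
    k < 0: the app's clock runs behind. None: wrong secret or parameters.
    """
    for k in sorted(range(-max_steps, max_steps + 1), key=abs):
        t = now + k * step
        if t < 0:
            continue  # no step counter exists before the Unix epoch
        candidate = totp(secret_b32, t, step, len(shown_code))
        if hmac.compare_digest(candidate, shown_code):
            return k
    return None


# Constructed sample key: the published RFC 6238 test secret, never a real one.
RFC_KEY = base64.b32encode(b"12345678901234567890").decode()

if __name__ == "__main__":
    now = time.time()
    shown = totp(RFC_KEY, now - 60)  # simulate an app whose clock is 60 s behind
    print("drift in steps:", find_drift(RFC_KEY, shown, now))
```

Run a check like this only on a host where your TOTP secret key is already permitted to reside, and correct the smartphone's time synchronization rather than widening the accepted window.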