U2F Authentication

Overview


U2F authentication module allows to secure access to HostBill client and admin areas using U2F keys. U2F - Universal 2nd Factor is an open authentication standard that strengthens and simplifies two-factor authentication using specialized USB or NFC devices.

Additional module requirements


  1. Module was built and tested using Yubico YubiKeys - your authentication device needs to support U2F protocol
  2. Module requires HostBill to use valid SSL certificate ( HostBill needs to be accessed over https protocol) 

Activating the module


  1. If the plugin is included in your HostBill edition you can download it from your client portal.
  2. If the plugin is not included in your HostBill edition you can purchase it from our marketplace and then download it from the client area.
  3. Once you download the plugin extract it in the main HostBill directory.
  4. In order to activate the plugin go to Settings→ Modules→ Plugins → Inactive, find and activate U2F Auth plugin. 

  5. Once the plugin is activated you will be directed to Settings→ Modules→ Plugins to configure the module.

Using module - administrators


To start using U2F, you first need to configure your U2F keys. Go to your account settings and click on the `Two factor auth (U2F Auth)` checkbox.

After clicking, a modal window will appear in which you can see your U2F keys, delete them and add new ones. To add a new U2F key enter the key name in the `Key name` field and then press the Add button. Next you need to insert your USB key and if the key has a button then press it. After these actions, the key will be assigned to you.



Note. Do not forget to save your account details.

Next, when logging into the administration panel, you will have to log in using one of the keys that you previously assigned to yourself.

Using module - clients


Registration and authorization of the keys is very similar to the procedure for registration and authorization of the keys for administrators.

From admin area

Authorization using U2F keys for all clients can be enabled/disabled using the Two factor auth (U2F Auth) registration field.
To enable or disable authorization using a U2F key, you must go to the client details page and enable the 'u2f` checkbox. After enabling checkbox, a modal window will appear in which you can see U2F keys for the selected client, delete them and add new ones. To add a new U2F key provide the key name in the `Key name` field and then press the Add button. Next, you need to insert the USB key and if the key has a button then press it. After these actions, the key will be assigned to the client.

Note. Do not forget to save the client details after these actions.

Next, the client when logging in to the panel will have to log in using one of the keys.
After entering his email and password, he will be asked to insert the U2F key. After successful authorization, the client will be redirected to the client area.

From client area

Authorization using U2F keys can be enabled/disabled using the Two factor auth (U2F Auth) registration field on the account details page.
After enabling checkbox, a modal window will appear in which you can see your U2F keys, delete them and add new ones. To add a new U2F key, enter the key name in the field `Key name` and then press the Add button. Next you need to insert the USB key and if the key has a button then press it. After these actions, the key will be assigned to your account.

Note. Don't forget to save account details after these actions.

Next, when you logging into the portal you will have to use one of the created keys.
After you provide email and password, you will be asked to insert the U2F key. After successful authorization, you will be redirected to the client area.