Overview:
In this guide, we’ll explore the two access methods for admin login: Password and Passkey. Each method offers a distinct level of security and convenience, according to organizational security requirements. With these enhancements, admin users have greater flexibility and control over their account security by choosing their preferred access method and managing their registered devices effectively.
Access Methods Overview:
- Password:
  - This traditional method of authentication involves users logging in with a username and password.
  - PROS: Offers a basic level of security and familiarity for users accustomed to traditional authentication methods.
  - The password field is displayed only after a username has been entered.
  - CONS: Passwords expire according to the configurations set on the system preferences page, and users may have multiple passwords, making tracking them challenging.
- Passkeys:
  - This method embraces passwordless authentication by solely relying on WebAuthn for user authentication.
  - During the device registration process, validation will be performed to ensure the security of the user’s account.
  - This validation will include verifying the user’s password before allowing the registration of a new device.
  - PROS: Provides the highest level of security and convenience by eliminating the need for passwords entirely, reducing the risk associated with password-based attacks.
  - CONS: Dependency on compatible devices and browsers for WebAuthn authentication, which may limit accessibility for users with older hardware or software configurations.
Passkey system settings:
To enable the Passkeys feature, the following configurations must be set up initially:
1. As this is a system-level feature, the sender email and the email host (localhost) need to be set up within the system’s general settings admin page.
Under listvendors.admin page > System settings > General Settings (syspreferences.admin), set:
- System Email Host = localhost
- System Email Sender = {sender email}
- System Email Sender User Name
- System Email Sender Password
- System Email Alias
2. The “Register your Device to Login using Passkeys” email is set up at the server level. Therefore, it’s crucial to verify that the email registration device link contains the correct domain.
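One way to run the link check from step 2 against a test registration email, as an added example that is not part of the original guide or the product's own code. It extracts every link from the email body and confirms it uses HTTPS and the exact expected admin host, which matters because a WebAuthn passkey is bound to the domain it was registered on. The host names, token placeholder and email text are constructed assumptions.

```python
import re
from urllib.parse import urlsplit

URL_RE = re.compile(r"https?://[^\s\"'<>]+", re.IGNORECASE)

# Constructed sample email bodies (not real product output).
SAMPLE_OK = "Register your device: https://admin.example.com/register?token=PLACEHOLDER"
SAMPLE_BAD = """Register your device:
http://admin.example.com/register?token=PLACEHOLDER
https://admin.example.com.other.test/register?token=PLACEHOLDER
https://admin.example.com@other.test/register?token=PLACEHOLDER
"""

def check_registration_links(email_body, expected_host):
    """Return [(url, problems)] for each link; empty problems means it passed."""
    results = []
    for url in URL_RE.findall(email_body):
        url = url.rstrip(".,;)")  # drop sentence punctuation glued to the link
        problems = []
        try:
            parts = urlsplit(url)
        except ValueError:
            results.append((url, ["unparseable URL"]))
            continue
        if parts.scheme.lower() != "https":
            problems.append("not https")
        # "https://good.host@other.host/" actually points at other.host
        if parts.username is not None or parts.password is not None:
            problems.append("userinfo in URL")
        host = (parts.hostname or "").rstrip(".")
        # Exact match only: a prefix or substring match would accept
        # look-alike hosts such as admin.example.com.other.test
        if host != expected_host.lower():
            problems.append(f"host is {host!r}, expected {expected_host!r}")
        results.append((url, problems))
    return results

def all_links_ok(email_body, expected_host):
    """True only if the email has at least one link and every link passes."""
    results = check_registration_links(email_body, expected_host)
    return bool(results) and all(not problems for _, problems in results)

if __name__ == "__main__":
    for body in (SAMPLE_OK, SAMPLE_BAD):
        for url, problems in check_registration_links(body, "admin.example.com"):
            print("OK  " if not problems else "FAIL", url, problems)
```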
Step 1: Setting up the admin account
- Admin users have an option in their user settings to choose their preferred access method.
- The options are Password and Passkeys.
- Changes made in this setting will be reflected in the login process.
To configure the security method for each admin user, follow these steps:
- Access the Admin Interface as a system administrator.
- Navigate to the gear icon > Admin Users > search for the user you want to update the security method for or add a new user.
- On the ‘Admin User Information Edit Page’, find the section labeled “Access via”.
- Adjust the access method settings based on user preferences.
( ) Password
( ) Passkeys
Step 2: Registering a Device
Once the admin account is configured to use Passkeys, the admin user must proceed to register a device by going to the login page of the admin panel they wish to access.
On the login page, locate the ‘forgot password’ link.
Provide your admin username and observe the link transition from ‘Forgot password’ to ‘Register a device’.
However, if the admin user is configured for the password method, the password field will be displayed instead, and the link will remain ‘Forgot password’.
Let’s proceed by entering the admin user set up for Passkeys and clicking on ‘Register New Device’.
The admin user will receive an email with a link to continue the device registration.
After clicking on the link, the login page will appear, prompting the user to select a location to save the passkeys.
Choose a device and click “Next” to initiate the device registration process. Access to the chosen device will be necessary to proceed further.
On the device, follow the specific instructions provided, as they may vary depending on the device, until the registration process completes successfully.
Upon completion, a confirmation message reading “Passkey saved” will appear in a pop-up on the login page.
Now, the admin user simply needs to click on ‘Login’, select the device with the saved passkeys, click on ‘Next’, and follow the instructions until the admin user successfully logs in.