Two Factor Authentication In Odoo

Introduction

Unfortunately, our system Passwords are not as secure as they need to be. If someone gets access to your passwords, they can access your documents and information without any difficulty. Even if you have a very strong password it will not protect your system completely. In this blog, we are demonstrating how you can secure your systems and avoid mishaps like hacking and compromise on sensitive data. We at Bista Solutions have developed a Two- factor Authentication module in Odoo, which is one of the best ways to ensure that your account does not get hacked and your data stays intact. 

 

Two- Factor Authentication module

 

This is the only super method to make sure your user is authenticated. It will be an additional layer of security to your ERP System. It makes the user login through two factors :

1. Password.

2. Code

We have implemented a Time-Based One-Time Password Algorithm (TOTP). This method is flexible enough and allows your users to generate their authentication tokens directly on their smartphones. To enable this access users should have Google Authenticator App installed on their smartphone, furthermore, you can also get the token sent to your smartphone through an SMS. Let’s  now have a look at how the Two- Factor Authentication process works, here is a step-by-step explanation  :

First of all, the user needs to install the Two- factor Authentication module in Odoo 

A) Process of Admin configuration with Two-Factor Authentication :

Step 1: After you have installed the module you will find a new tab called Two Factor Authentication and if you have the admin rights, you can create Two-Factor Authentication for your user through the Odoo login as shown below.

two-facto-bista

Step 2: You have two ways to Enable Two-Factor Authentication for User using which are

  • Enable Two-Factor Authentication via the Google Authenticator app

  • Enable Two-Factor Authentication via SMS

You can choose either of these and click on the “Send Secret Key By Email” button to get your Secret Code:

two-facto-bista-solutions

Step 3: The user will immediately get an Email on his registered Email Id:

qr-code

 

B) Process of User configuration with Two Factor Authentication

Step 1: If the user is using the Google Authenticator app then the user has to scan this QR Code using his Smartphone.

google-authentication

Step 2: The user will now get the secret key via SMS generated by the Google authenticator app.

 

C. Login Step for User:

Step 1: Finally user can log in to the OpenERP System.

odoo-login

Step 2: Now the User will be asked to add the secret code password.

Noteworthy: This password would be for only one-time use, in addition, we can also decide the validity time of each password.

odoo-email

 

Successful Login into Odoo!!!!

We hope this snippet of Two Factor Authentication helps you secure your process in Odoo.

For more information on this module, you can get in touch with us through sales@bistasolutions.com. You can also see the demonstration of this module on our YouTube channel.