This article will show you how to set up two-factor authentication for your native user accounts in Cerberus FTP Server.
Download the authenticator app of your choice. We recommend either Google Authenticator, Authy, or the OTP Auth phone apps.
Microsoft phone users, please see here.
- Login to your Cerberus web client account and go to the Accounts page.
- Press the Enable Two Factor button.
- A prompt will appear to inform you about what enabling two factor authentication means and to ask you if you wish to continue. Press the Enable button.
- A QR code will appear that you can use to enable two factor authentication in a supported HOTP-compliant app.
The QR code and test screen in Cerberus FTP Server for enabling two factor authentication
Using your authenticator app, scan the QR code from the account page.
Enter the key code from the Cerberus account page into your authenticator app.
Your authenticator app should now display a six-digit one-time code. Enter your code in the test box and press the Verify button to verify your setup and activate two-factor authentication.
Note: If you leave the accounts page without verifying your setup then two-factor authentication will remain disabled
Two-factor authentication is now enabled!
From now on, when you sign into the Web Client it will ask you for your 6-digit authentication code.
Simply open your authenticator app to find the code.
The most common reason for the two-factor authentication not working correctly is that the clock on your phone is inaccurate. Ensure that your phone clock is synced to your computer.
Cerberus is calibrated to allow some leniency with authentication codes, but a good rule of thumb could be to attempt entering a new code as soon as it becomes available on your device. If this doesn’t work, waiting until the end of the code’s validity period is also sometimes helpful.
DUO Two Factor Support
In Cerberus Enterprise Version 9.0.5 we added support for DUO Security for 2-factor authentication. See here for steps to configure with Cerberus.