FileZilla Pro Enterprise Server supports Second Factor Authentication (2FA), a two-step verification authentication service based on the Time-based One-time Password (TOTP) algorithm.
TOTP works by generating a unique numeric code that changes at regular intervals, typically every 30 seconds. This code is synchronized between the server and the user’s device. When logging in, the user enters the current code displayed on their device, which is verified by the server. FileZilla Pro Enterprise Server accepts 3 codes: immediately previous, current, and next. This accounts for time differences and entry delays. To verify the server time setting, check if your operating system is configured to “Synchronize with an Internet Time server”.
2FA works with all types of credentials, but Do not require authentication. To activate that for a user you need to select the Use a time based OTP (TOTP) option.
Click on the Generate button to create a secret key. Alternatively you can enter a secret key yourself, note that it must be a valid string long at least 16 base32 characters (A–Z, followed by 2–7). If the secret key matches the criteria then the Copy to clipboard button becomes active.
The copy to clipboard function helps you to temporarily store the secret key so that you can paste it somewhere
to communicate it securely to the user.
The user will need to enter the secret key in their preferred TOTP-capable authenticator app, such as GoogleAuthenticator where they need to click on the + button and then select Enter a setup key and enter it.
Users using either the FileZilla or FileZilla Pro client must first add a new entry in their time-based one-time
password generator, such as Google Authenticator, by entering the provided secret code.
Just like for any other FTP or FTPS server, they need to enter the hostname, username, and password. FileZilla
or FileZilla Pro will then prompt them for the one-time password generated by Google Authenticator.
Note: When connecting to an SFTP server, users must enter both the one-time password generated by Google
Authenticator and the user’s password in the password field, separated by a semicolon. This approach applies
to users not using FileZilla and FileZilla Pro when connecting to FTP and FTPS servers.
The video tutorial below shows how to set up a second factor authentication with FileZilla Pro Enterprise Server.
Video tutorial: FileZilla Pro Enterprise Server: How to Set Up a Second Factor Authentication
Related Topics: