zwei-faktor-authentifizierung

Two-factor authentication for your Online Voting Manager account

Secure log-in to your Online Voting Manager

  • Better protection of election and voter data
  • More security for your user account
  • You decide: time-based or by YubiKey

You can activate two-factor authentication to better protect your POLYAS Online Voting Manager account. This improves the protection of your election and voter data and increases security against hacker attacks.

Choice of technology

Before you activate two-factor authentication, you first have to consider which technology you want to use to implement it. There are two options:

  • YubiKey
  • Time-based (TOTP)

If you opt for authentication via YubiKey, you need the appropriate hardware. A YubiKey is a kind of USB stick that plugs into the computer. This security key immediately deletes access codes once you have used them.

Time-based or TOTP (Timebased One Time Password) authentication can be used in combination with authenticator apps. Examples of such apps would be:

  • Google Authenticator
  • Microsoft Authenticator
  • 2FA Authenticator

All three apps are available for both Android and IOS and can easily be downloaded from the app store.

Choice of technology.

Enabling two-factor authentication

To enable two-factor authentication, you first have to log into your account in the POLYAS Online Voting Manager. Then click on the avatar symbol in the upper right-hand corner. This takes you to your account settings. Under the tab “Personally identifiable information” you will see the option to enable two-factor authentication. If you click on “Enable”, a window will open. Under “Name of the second factor” you can give your authentication an individual name. You then specify under “Type of two-factor authentication” which of the above-mentioned methods you prefer to use. Select a method and then click on “Create”. In the following chapters, we will explain how to set up the time-based and YubiKey methods.

Click here for the POLYAS Online Voting Manager.

Enabling two-factor authentication.

 

The time-based method (TOTP)

If you choose the time-based method, a QR code will now be displayed. Now scan this with your authenticator app and enter the six-digit code displayed in the app into the text field below the QR code and click on “Send”. Your recovery codes are displayed now. Keep these codes in a safe place. Write down the codes or take a screenshot and keep it in a safe place.

Attention: If you should lose your second factor, the only way you can access your account is to use recovery codes. They are not login codes. If you lose both the second factor and your recovery codes, please send an email to: support@polyas.de.

Now everything is ready to carry out the two-factor authentication with the time-based method.

Log in using the time-based method

If you want to log in now, proceed as follows:

Go to the website for the POLYAS Online Voting Manager, enter your access data and click on “Login”. A window opens for your second factor. Open your authenticator app and enter the code displayed in its text field. Now click on “Send”.

Log in using the time-based method.

 

The YubiKey method

If you select the YubiKey method, another text field appears in the window with the title “Initial password (valid one time only)”. Click with the cursor in the text field and plug your YubiKey into a USB port on your computer. Now press the button on the YubiKey. The YubiKey token now appears in the text field. Click on “Create” and your recovery codes are displayed. Keep these codes in a safe place. Write down the codes or take a screenshot and keep it in a safe place.

Attention: If you should lose your second factor, the only way you can access your account is to use recovery codes. They are not login codes. If you lose both the second factor and your recovery codes, please send an email to: support@polyas.de.

Now everything is ready to carry out the two-factor authentication with the YubiKey method.

Log in using the YubiKey method

If you want to log in now, proceed as follows:

Go to the website for the POLYAS Online Voting Manager, enter your access data and click on “Login”. A window opens for your second factor. Select the text field in the window and plug your YubiKey into a USB port on your computer. Now press the button on your YubiKey. Your token will be generated now and automatically inserted into the text field. Now click on “Send”.

Bildschirmfoto 2021-04-21 um 11.32.22.png

Deactivating two-factor authentication

In order to deactivate the login with a second factor, click once again on the avatar icon in your POLYAS Online Voting Manager to access your account settings. Go to the tab “Personally identifiable information” and, next to the item “Two-factor authentication”,  click on “Manage”. The authentication types you have selected are displayed. Next to your second factor, click the trash can icon. A message is now displayed for you to confirm that you really want to delete this method. Click on “Delete” and close the window with the X symbol.

Note: You can delete or reactivate two-factor authentication at any time. It is also possible to activate other second factors.

Activate the second factor in the POLYAS Online Voting Manager now.