1. Culinary home page
  2. Google Authenticator App for ctcLink MFA

Google Authenticator App for ctcLink MFA

The following instructions are excerpted from Okta Help Center, URL- https://help.okta.com/en-us/Content/Topics/Security/mfa/google-authenticator.htm#En

Google Authenticator is an app that provides a Time-based One-time Password (TOTP) as a second factor of authentication to users who sign in to environments where multifactor authentication (MFA) is required.

End-user experience

  1. Go to the Apple App Store or the Google Play Store and install Google Authenticator on your device.
  2. In the web browser on your computer: When signing in to Okta or accessing an Okta-protected resource, enter your credentials and then click Next.
  3. On the Setup security authenticators page, click Set up.
  4. Select your device type, and then click Next.
  5. Perform the QR code scanning steps that apply to you:

    If your device can scan QR codes:

    1. Don’t click Next in the browser yet; instead, on your mobile device, launch Google Authenticator.
    2. In Google Authenticator, tap the + sign.
    3. Tap Scan a QR code and then point your camera at the QR code displayed in the browser on your computer. Your device camera scans the QR code automatically.
    4. In the web browser on your computer, click Next.
    5. In the Enter Code field, enter the setup key shown in Google Authenticator on your mobile device.
    6. Click Verify.

    If your device can’t scan QR codes:

    1. Don’t click Next in the browser yet.
    2. In the web browser on your computer, click Can’t scan.
    3. In the field above the Next button, make a note of the string of numbers and letters.
    4. On your mobile device, launch Google Authenticator.
    5. Tap the + sign.
    6. Tap Enter a setup key.
    7. In the Account field, enter your Okta username.
    8. In the Key field, enter the string of numbers and letters that you made a note of earlier.
    9. Tap Add. The message Secret saved appears.
    10. In the web browser on your computer, click Next.
    11. In the Enter Code field, enter the setup key shown in Google Authenticator on your mobile device.
    12. Click Verify.

Important considerations

  • The time on the end user's device might not be the same as the time on the clock in the Google Authenticator app. The Google Authenticator app allows a time difference on the end-user device of up to two minutes earlier or later than the time in the Google Authenticator app.

  • After five unsuccessful authentication attempts, regardless of the time between the attempts, the user account is locked and the admin must reset it.