As of Genie version 8.8.7 there are updated security functions for GenieWeb users, including multi-factor authentication and password complexity requirements.
Before you begin
To setup your security and multi-factor authentication please ensure that you have already completed your initial GenieWeb configuration as well as the configuration of the devices to which you would like to use GenieWeb on.
For additional security, all GenieWeb users are now required to use a complex login password. To meet the minimum standard, your password must contain:
- At least eight characters;
- At least one uppercase letter; and
- At least one number
You will not be able to log in to GenieWeb unless your password meets the security requirements. If you attempt to log in to GenieWeb with an unsuitable password, you will be prompted to perform a password reset.
Setting a New Password
- Launch Genie to the login window, or select File > Add or Change User
- Highlight your username, then click the Set Password button.
- Tick the GenieWeb User checkbox
- Enter your old password into the Old Password field, then press the Tab key on your keyboard. If you did not have a password, simply hit the Tab key.
- Enter your new password into the New Password field.
- Re-type your new password into the Re-enter New Password field.
- Confirm that the three password criteria listed here are displaying in green text, indicating that your password meets the security criteria. Red text indicates that the password has not met the security criteria.
- Select OK to save the changes
You can now use your new password to log in to Genie and GenieWeb.
Multi-factor authentication (MFA) is an enhanced security feature where a user is only granted access after verifying their identity using more than one method (for example, by providing both a password and a PIN code).
Note: MFA is configured on an individual basis. Each GenieWeb user who wishes to use MFA will need to follow the instructions below.
A third-party authenticator application, such as Google Authenticator or Authy, is required to use MFA with GenieWeb.
Because you will need to access the authenticator each time you log in to GenieWeb, the authenticator should be installed onto the smartphone or tablet device on which you intend to use GenieWeb, or alternatively, onto a readily accessible device such as your personal smartphone. The device that you install the authenticator onto must also have a built-in camera.
Configuring Multi-Factor Authentication
The instructions below use Google Authenticator as an example. If you are using another
authentication service, the instructions may differ.
- Log in to Genie Client and browse to File > Maintenance and Reports. Select GenieWeb.
- Click on the Setup MFA button. A new window will appear, displaying a secure GenieWeb QR code.
- Launch the Google Authenticator application on your device
- Open the menu and select Set up account
- Select Scan a barcode
- Capture the GenieWeb QR code as prompted, using your device’s camera
- The account will be added to Google Authenticator under your Genie username.
- Enter the six-digit passcode from the authenticator into the Enter the code to enable box within the Setup MFA window. Click Enable
- Genie will present you with a list of backup authentication codes. Print or note down the codes, then close the window.
If your authenticator device is lost or inaccessible, you can use one of your backup codes in place of an authentication code to log in to GenieWeb. For this reason it is important to record these codes external to your authenticator device.
Note: Backup codes are specific to each GenieWeb user, and will not work for other GenieWeb users. Every GenieWeb user with MFA enabled will need to record their individual backup codes. Each backup code can only be used once
You can generate new backup codes by opening the GenieWeb window via File > Maintenance and Reports, selecting Setup MFA, then clicking Generate Backup Codes. This will render any previously generated backup codes invalid.
Disabling Multi-Factor Authentication
To disable MFA, you must first be a member of a security group which allows you to make this change. GenieWeb MFA can then be disabled at any time via the File > All User Preferences list in Genie Client, by deselecting the MFA Enabled checkbox in the column corresponding to your username.
Using Multi-Factor Authentication
When you next log in to GenieWeb, tick the checkbox Use a multi-factor authentication code. A new field will appear, prompting you to enter the authentication code.
Launch the authenticator application on your device, take note of the authentication code, then enter this into the Code field at the GenieWeb login screen. You can then click Log in to log in to GenieWeb
If you think somebody else would appreciate reading this article feel free to email them a link.