Two factor authentication at IBU

IBU is making a next step in protecting the data with implementing the two-factor authentication against remote attacks such as phishing, credential exploitation and other attempts to takeover IBU accounts.

The feature is NOT applied authomatically to users' accounts. However we changed the programming code of the login screen.
If you experience any difficulty with login please contact IBU administrators.

What is two-factor authentication?

Two-factor authentication adds a second level of authentication to an account log-in. When you have to enter only your username and one password, that's considered a single-factor authentication. Two-factor authentication requires the user to have two out of three types of credentials before being able to access an account. 

The three types are:

  1. Something you know, such as  password
  2. Something you have, such as  phone
  3. Something you are, such as a biometric like a fingerprint or voice print

When enabled on your IBU account, the two-factor authentication will require the password + your smartphone or cellphone.

How it works?

Depending on your situation, we have the following  two-factor authentication methods available:

Using your smatphone and google authenticator pincodes

The time-based one-time passwords algorithm generates unique, time-based pincodes and must have a synchronized clock source in order to work properly. TOTP involves generating a temporary, unique pincode that only works for a certain amount of time, typically 30-60 seconds. After the time is up, the pincode will no longer work. A user can generate a pincode by using the "google authenticator" mobile app on a smartphone or tablet. After generating a pincode, a user must type it in manually to authenticate for access.

Using your cell phone and SMS pincodes

SMS  pincodes similar to SMS. The IBU server can generate new, unique pincode by your request to type into the two-factor prompt. It is important that the pincode is delivered over the out-of-band mobile network to your mobile phone and less likely can be intercepted by hackers. After receiving the pincode, a user must type it in manually to authenticate for access. In contrast to TOTP pincodes the SMS pincodes have longer expiration period and considered as less secure. We consider to use it only when the time-based pincodes are not available.

Using the device that you own, the extra security PIN code will be delivered to your cellphone via out-of-band SMS message or created with the google authenticator application on your smartphone or tablet.

Where to start?

Install the Google Authenticator app on your smartphone or tablet.

If you own an Apple smatphone or tablet please use this link 

https://itunes.apple.com/en/app/google-authenticator/id388497605?mt=8

or search for google authenticator app in the Google Play Store on your mobile device.

Open the App Store application
Search for Google Authenticator app
Install the Google Authenticator app

If you own an Android smatphone or tablet please use this link 

https://play.google.com/store/apps/details?id=com.google.android.apps.authenticator2&hl=en

or search for google authenticator application in the App Store on your mobile device.

Login the IBU web site as regular and use this link to set up the two-factor authentication:


https://secure.ibuinc.com/accesscontrol/edittfa.asp

Select the "time-based pin" in the "Two-factor Auth" type field.

Click "BEGIN SETUP" on your smartphone

Click "Scan barcode" on your smartphone.

Allow your smartphone camera to see the barcode on the screen of your computer.

Your smartphone now will be generating a new unique pincode every 30 seconds

Save the changes to your account in the IBU system with clicking the "Submit" button to enable the two-factor authentication.

Use the google authenticator pincode with your username and password to login the IBU system next time.