JumpCloud multifactor authentication supports TOTP based tokens. Users setup MFA in the JumpCloud User portal in the Security section.
This process requires a TOTP application, generally for a mobile device. Any application that can generate a six-digit SHA-1 based TOTP token should be able to be used with JumpCloud's MFA. Not all applications listed may be available for all mobile OS versions. Several apps qualified to work with JumpCloud are:
To set up MFA in the User Portal:
- Go to the User Portal https://console.jumpcloud.com.
- The User Portal detects that you are in an enrollment period, and after you log in, are prompted to set up MFA. On the Setup Multifactor Authenitcation window, click Continue.
- You are presented with the QR code representing your TOTP key.
- Scan or copy and paste the QR code in your TOTP application. You are presented with a 6-digit verification code in the TOTP application. Enter that token, then click Submit.
Token validation is required for:
- Mac desktop login
- Linux SSH login
In case of Device Loss or Failures
Because the device containing the TOTP key may be a single point of failure, in case of loss or breakage, it's recommended to record and store the TOTP value in a safe place as a backup. Most apps that generate TOTP tokens allow the TOTP key to be entered manually, which means it can be typed in rather than scanning the QR code to restore the ability to generate tokens on a new device or app.