Multi Factor Authentication: Smartphone Authentication Alternatives

As part of our ongoing commitment to enhancing security, we have recently implemented Multi-Factor Authentication (MFA) for customers using our hosted application. By default, this security measure requires the use of a smartphone-based authentication app to verify user identities.

However, we understand that some customers may face challenges with this method, either due to the absence of smartphones or workplace restrictions on their use. As an alternative to smartphone authentication, you are also able to utilise PC-based key vault applications that support MFA authentication. We have included a list of some of these below (there are many more), with both free and paid options. We have also included configuration steps for a one of these (free) methods (KeePass XC) and you should find that configuration is broadly similar across these applications.

Free Applications

Paid Applications

Logme Once Configuration

First, sign up and add a subscription to the Premium (Free) edition
Install the browser extension when prompted
Go to Add an app

For the purposes of configuring MFA, this entry can just be empty, Just give it a memorable Name
- Adding your username, password and the URL (most importantly) will make it easier to use
Click 'Add App'

Configuring TOTP (Time-Based One-time Password)

When logging into Dolphin for the first time (and without having MFA configured), you will receive the below message:

The system will then automatically send an MFA enrollment email to your registered email address.
Follow the link in the email address, enter your Dolphin password and select 'Login'.

On the next screen select 'Register Token'.

Keep the default settings

With the QR code on screen, launch the browser extension and click on the elipsis next to the entry you created earlier

Click 'Scan Two-Factor Code'

Copy the 6 digit code that is presented next

Back in the login portal, enter the 6 digit code and click Register

You will receive the below message, click 'OK'.

As a further test (if you wish) you can select 'Test Login'.

In Logme Once browser extension, click the elipsis and 'Copy Two-Factor Code'

Paste the copied TOTP into the 'OTP' field and select 'Continue'

You will receive the below message indicating a successful authentication:

Logging into Dolphin

After the above configuration of MFA, you will now see the below screen when logging into Dolphin:

Within Logme Once browser extension, click on your Dolphin entry
Click the eyeball button next to the two-factor code
The TOTP will be displayed as below:
Simply enter this into the 'One-time password' field within the login page and the Dolphin application will launch.

KeePass Configuration

First you will need to create a database within KeePass to store your Dolphin TOTP (Time-Based One-time Password):

Launch the app and create a new database:
- Go to Database → New Database.
- Set a name and strong master password.
- Save the database file securely.
Create a new entry for Dolphin MFA (click on the '+' sign or select 'Entries > New Entry' from the menu).
For the purposes of configuring MFA, this entry can just be empty.

Configuring TOTP (Time-Based One-time Password)

When logging into Dolphin for the first time (and without having MFA configured), you will receive the below message:

The system will then automatically send an MFA enrollment email to your registered email address.
Follow the link in the email address, enter your Dolphin password and select 'Login'.

On the next screen select 'Download Token'.

Select 'Next'.

Select 'I use another token (manual registration)'.
In the 'key Format' drop-down, select 'Base32' - (Please note the required key format may change based on the password app you chose, but this is the requirement for KeePass XC).
The 'Secret Key' value is what will be configured in KeePass.
Keep this Window open.

Back in KeePass, right-click on the entry you created for Dolphin and select 'TOTP > Set up TOTP...'

Enter the Secret Key value from the login page.
Select 'OK'

Back in the login portal, select 'Register'.

You will receive the below message, click 'OK'.

As a further test (if you wish) you can select 'Test Login'.

In KeePass, right-click on the Dolphin entry and select 'TOTP > Copy TOTP'

Paste the copied TOTP into the 'OTP' field and select 'Continue'

You will receive the below message indicating a successful authentication:

Logging into Dolphin

After the above configuration of MFA, you will now see the below screen when logging into Dolphin:

Within KeePass, right-click on the Dolphin entry and select 'TOTP > Show TOTP' - (Microsoft RDS does not allow passwords to be copied into the login screen).

The TOTP will be displayed as per the below:

Simply enter this into the 'One-time password' field within the login page and the Dolphin application will launch.

If you have any questions in relation to the above, please don't hesitate to raise a ticket with our Support team via Support@dolphind.com