Improving security using two-factor authentication (2FA)
Joyent has added additional security features to the Triton Compute Service portal to assist customers who must comply with stringent security requirements, such as those mandated by PCI-DSS.
Enabling 2FA will also enable a 15 minute inactivity timeout which is required by many security standards.
Typically when we log into computer systems, whether it an email account or the Triton Compute Service portal, we supply a username which identifies us and a password which authenticates us. This is "single-factor authentication" using a password, a series of characters that (hopefully) only we know.
Two-factor authentication (i.e. "2FA") seeks to improve security by adding a second type ("factor") of authentication. The first factor is still a traditional password. The most common second factor is a one-time password (OTP) generated by a physical device or by software on a smartphone.
In very high security environments, an alternative form of authentication may be used: biometrics. Biometric authentication is based on the shape of your hand or your fingerprint (or if you’re in a spy movie, a retinal scanner).
The advantage of using a second factor of authentication is that if your password being compromised, that alone isn't sufficient information to gain access to your account.
Yes, we support passwords and one-time passwords (OTP) using any Google Authenticator compatible application.
Login to the Triton Compute Service portal. Select your username from the top right corner and choose Two Factor Authentication. A popup will appear indicating if you have or have no turned on Two Factor Authentication. If it is disabled, Enable it.
You will see a 3 step process which will guide your through the process.
Once your preferred authenticator app is installed on your device, add a new account and scan the QR code into the app. Following this, the application should be registered. In the portal, enter the OTP code (a 6 digit number) into the box under step three and Verify.
If you decide to revert to single-factor authentication, just go back to the menu under your account name and select Two Factor Authentication. You will receive a popup with a "Disable" button.
The Triton Compute Service portal two-factor authentication only protects your Triton account, not your instances themselves.
If you wish to use two-factor authentication to protect your instances, we recommend looking at Joyent partner Duo Security.