Multi-Factor Authentication (MFA) Setup
Pinepods provides robust Multi-Factor Authentication using Time-based One-Time Passwords (TOTP) to add an extra layer of security to user accounts. This feature works with popular authenticator apps and significantly enhances account protection.
Overview​
MFA in Pinepods uses the TOTP standard (RFC 6238) with the following specifications:
- Algorithm: SHA1
- Digits: 6-digit codes
- Time Window: 30-second intervals
- Standard: Compatible with Google Authenticator, Authy, and other TOTP apps
Accessing MFA Settings​
- Navigate to Settings in the main menu
- Expand the MFA Settings or Multi-Factor Authentication section
- All users can enable MFA for their own accounts
Setting Up MFA​
Prerequisites​
Before setting up MFA, ensure you have:
- Authenticator App: Google Authenticator, Authy, Microsoft Authenticator, or similar
- Device Access: The device where your authenticator app is installed
- Account Access: Ability to log into your Pinepods account
Step-by-Step MFA Setup​
Step 1: Initiate MFA Setup​
- In the MFA Settings section, look for the setup button
- Click Enable MFA
- The system will generate a unique secret key for your account
Step 2: Scan QR Code​
- A QR code will appear on your screen
- Open your authenticator app on your mobile device
- Use the app's "Add Account" or "Scan QR Code" feature
- Point your device's camera at the QR code displayed in Pinepods
- The authenticator app will automatically add your Pinepods account
Step 3: Verify Setup​
- After scanning, your authenticator app will begin generating 6-digit codes
- Enter the current 6-digit code from your authenticator app into Pinepods
- Click Verify or Confirm to complete the setup
- If verification succeeds, MFA is now enabled for your account
Manual Setup Alternative​
If you cannot scan the QR code:
- Look for the text-based secret
- In your authenticator app, choose "Enter Key Manually"
- Add the following information:
- Account: Your Pinepods username or "Pinepods"
- Secret Key: Copy the displayed secret key exactly
- Time-based: Ensure this option is selected (30-second intervals)
Using MFA After Setup​
Login Process with MFA Enabled​
Once MFA is enabled, your login process changes:
- Standard Login: Enter your username and password as usual
- MFA Prompt: After successful password verification, you'll see an MFA code request
- Authenticator Code: Open your authenticator app and find the 6-digit code for Pinepods
- Code Entry: Enter the current code (codes expire every 30 seconds)
- Complete Login: Click submit to complete the authentication process
MFA Code Timing​
- 30-Second Window: Each code is valid for 30 seconds
- Auto-Refresh: Codes automatically change every 30 seconds
- Timing Indicator: Most authenticator apps show remaining time for each code
- Clock Sync: Ensure your device's clock is accurate for proper code generation