Multi-Factor Authentication

CNT Call Manager offers integrated Multi-Factor Authentication (MFA) to optimally protect user accounts and data. This additional security layer requires a second proof of identity alongside the password and can be activated flexibly, even in combination with OpenID.

OpenIDOpenID

User-friendly and Secure at the Same Time

The Multi-Factor Authentication (MFA) in CNT Call Manager combines user-friendliness with the highest security. In addition to the conventional password login, CNT Call Manager offers additional protection mechanisms through TOTP, HOTP, email-based, and push notification authentication.

These four variants can be used flexibly and tailored to your requirements to ensure a secure and seamless user experience. With high acceptance among users, they provide optimal protection for your data and accounts.

MFA as a Standard Feature

The use of Multi-Factor Authentication is available to every user as a standard feature.

TOTP

TOTP (Time-Based One-Time Password) allows the use of time-based passwords with authentication apps like 'Google Authenticator' for added security.

To configure this, is straightforward: Configure your preferred authentication method in the CM App via the 'Authenticator (TOTP)' button, set your parameters, and save the settings. A QR code facilitates synchronization with your smartphone by scanning it with the authentication app and creating a new entry. After entering the activation code, the method is activated and ready for secure and reliable login.

HOTP

HOTP (HMAC-Based One-Time Password [Hash-based Message Authentication Code]) provides an additional security layer in CNT Call Manager by generating numeric codes that can either be entered manually or transmitted automatically via a hardware key. Since the counter-based password is not time-dependent, it remains valid until an action is triggered that increments the counter.

To set up, you need an authentication app that supports the HOTP standard, such as 'Google Authenticator'. In the CM App, configure the method via the 'Hardware Key (HOTP)' button, specify your desired parameters, and save the settings. The displayed QR code is scanned with the app on your smartphone to perform synchronization. After generating and entering the activation code, the method is activated and ready for use.

For maximum security, you can also use HOTP hardware keys like 'YubiKey' to further enhance the protection of your logins.

Email

The email method works by default with the email address from your user data (which can be changed manually). An email with your authentication code and a clickable link is sent to this address. If 'autosend' is active, you will receive it automatically; otherwise, sending must be initiated by clicking the link on the authentication page.

For numeric input, the CM app displays a dedicated page. If you click the link instead, this page will close. You will be redirected and logged in.

Push Notification

The push notification authentication in CNT Call Manager offers another straightforward and secure method for logging in. This option requires no additional configuration and utilizes an already authenticated app to optimize the authentication process.

For example, if you are already logged into the CM App and have activated two-factor authentication in conjunction with the 'Trust Device' or 'Remember' option, the CM Mobile App is considered trustworthy. When logging in on another device, a notification automatically appears, allowing you to conveniently confirm or deny the second login. This method ensures a fast, user-friendly, and secure login.