Skip to article frontmatterSkip to article content

Configuring and Resetting MFA


Multi-Factor Authentication (MFA) is required to access OpenScienceLab resources.

Currently, we support TOTP-based authentication, with plans to add hardware key (ex. Yubikey) authentication in future updates.


Watch: Log In and Set Up MFA


Before You Begin

A TOTP-enabled MFA application is required to use OpenScienceLab resources. While the most widely utilized approach is through a smartphone application, there are also several desktop clients that provide this functionality.


Setup Steps

  1. Log into OpenScienceLab normally. Leave the “MFA” field on the login page blank.
  2. Click “Configure New MFA Device” in the Navigation Bar at the top of the page.
  3. Configure your MFA device:
    1. If using a smartphone application, scan the QR code using the application’s “Scan QR Code” feature.
    2. If using a desktop application, copy the OTP Secret into the “TOTP” field
  4. Enter the current 6-digit MFA code generated by your application into the “Code 1” field on the “Configure New MFA Device” page.
  5. When the code changes, enter the new code into the “Code 2” field on the same page and click the “Check MFA Codes” button.
  6. If the check is successfull, navigate back to the home page by clicking “Home” in the Navigation Bar at the top of the page and continue using OpenScienceLab as normal.

Resetting MFA

On occasion, you may wish or need to reconfigure MFA for your OSL account.

  1. Navigate to opensciencelab.

Click the "Reset MFA" link on the sign in card

Click the "Reset MFA" link on the sign in card

Complete the MFA reset form.

Complete the MFA reset form.

An alert will appear directing you to click an emailed verification link within 60 minutes.

An alert will appear directing you to click an emailed verification link within 60 minutes.

Click the verification link in the email.

Click the verification link in the email.

  1. Sign into OpenScienceLab, leaving the MFA field empty.
  2. Follow the Setup Steps above to setup a new MFA device. You will not be able to access any labs until you setup a new MFA device.

Troubleshooting

  1. If the MFA Code check is not successful, there are two potential issues:
    1. One of the codes was mis-typed.
    2. The secret was not properly put into the MFA application.
  2. Test again with another two consecutive codes, and if the verification step fails again, check that the OTP Secret on the page matches the secret in your application.
  3. If all else fails, refresh the page. This will generate a new code, which you can then use to follow the same steps above.

For additional issues and further troubleshooting, please email uso@asf.alaska.edu