Use TOTP as Two Factor Authentication (2FA) for Remote Access

In addition to providing advanced security modes of mOTP and 2-Step Authentication for remote administrators to log in to the Vigor router, the Vigor router now has another option, namely TOTP, to meet customer needs. A time-based one-time password (TOTP) is a temporary passcode generated by an algorithm that uses the current time of day as one of its authentication factors. The password is valid once, and it can protect the password-based authentication from replay attacks. For the router’s remote access (login from the WAN interface), we may use TOTP and add a layer of security to the router. This requires a device, usually a mobile phone with a TOTP Authenticator (Google Authenticator) app installed, to generate the time-based one-time password.

Support Model/ Firmware:

• Vigor2765/2865/2927 firmware version 4.3.1
• Vigor3910/2962 firmware version 4.4.3* (* means firmware is not yet available)

This article demonstrates how to login to Vigor Router’s Web UI by 2FA(TOTP). Follow the steps below:

1. Go to System Maintenance >> Administrator Password Setup.

• Change the password.(Optional but recommended)
• Check Enable Advanced Authentication method when login from "WAN".
• Choose Time-based One-time Password (TOTP).
• Save the Secret or QR-Code.

• Use your phone to open a authenticator application(ex: TOTP Authenticator) to add an account by scanning the QR-Code.

After scanning the QR-Code, you can see the code on your phone.

• Enter the Validation Code which shows on your phone and then click Verify.
• Click OK to save.

2. Now if the network administrator wants to login router’s Web UI from WAN IP/ the Internet, network administrator has to enter Username and Password, then input the 2FA Code.