SecSign ID Plugin: Nextcloud

2019-06-12 15 minutes to read
Tutorial Index

Two-Factor Authentication with SecSign for Nextcloud

This tutorial describes how to set up the SecSign ID Plugin for your Nextcloud Setup to increase login security.

Integration

Integration of the plugin into your setup

SecSign ID Integration

Please configure your desired integration of the SecSign ID Two Factor Authentication

Choose a system, where you want to add the secure login

Do you need your own ID Server inside your protected network or prefer if we manage and maintain it for you

The location to save the assigned SecSign IDs to a user account or the IDM alltogether

System to protect
?
The System you want to protect - Choose a system, where you want to add the secure login
SecSign ID Server location
?
Do you need your own ID Server inside your protected network or prefer if we manage and maintain it for you
User account location
?
The system to save the assigned SecSign IDs to a user account or the IDM alltogether
edit the settings to change the integration
Authentication
2FA
2FA blind
2FA no AP
2SA
2SA no AP
2SA blind
OTP
Enrollment
Custom ID
Pattern
IDP Custom Website
Enrollment initiated by SP
Enrollment with IDM
Show Network
Hide Network
Fullscreen
Request Solution
x
The authentication was successful
Overview and first steps

Overview and first steps

Use the SecSign ID two factor authentication app with your NextCloud installation for an easy to use and highly secure user login available on most platforms.

SecSign ID is a plugin for real two-factor authentication (2FA) for Nextcloud. 2FA adds another layer of security to your installation by using a second token. In this case the physical token is your smartphone.

If you want to secure your Nextcloud setup with SAML, for example to offer a convenient and secure 2FA SSO for your users, have a look at our Nextcloud SAML tutorial.

Questions? Feel free to get in touch with us if you need help setting up your SecSign ID app or to request a plugin for a not yet supported environment

Contact

Installation

Plugin Installation

In order to enable the SecSign ID plugin, please log in to NextCloud as an admin and navigate to Apps, choose the category Security and look for SecSign ID by SecSign Technologies Inc.
Then simply press install and enable to complete the installation.

On-premise server

On-premise server setup

If you are using a SecSign ID on-premise server setup, you need to enter the server address. You can do so in the settings tab “Configuration”.

Activation

Activate 2FA


To enable 2FA for your account, go to your personal settings and navigate to the category Security.
Before activating SecSign 2FA, make sure to generate and securely store a set of backup codes, to make sure you are never locked out of your system.

Once this has been done, scroll to the section SecSign 2FA and enter your SecSign ID to assign it to your account and enable 2FA.

By default, non-admin users cannot edit their SecSign 2FA settings themselves.

User configuration

User configuration

By clicking on the SecSign Icon in your navigation bar, you can navigate to the app settings. Here you can decide on the rights of your users and enable or disable SecSign 2FA for your users.
This section is also where you can find user onboarding and server settings. User onboarding allows you to create a SecSign ID for your users in a simple and quick onboarding process.

Login

How to log in

To log in using SecSign 2FA follow these steps:

  1. Enter your username and password as usual
  2. Choose SecSign 2FA (not necessary if no other 2FA providers are enabled)
  3. Authenticate yourself by using the SecSign ID App on your phone and pressing the same access pass that is shown to you in your NextCloud login.
Troubleshooting

Troubleshooting

With NextCloud 15, enforcing 2FA for all users or users of specific groups has become an option. Beware that users with no SecSign ID set up will not be able to log in if this setting is activated.
If a user is ever locked out, admins can use the occ command line tool to disable 2FA for a specific user.
If there are any issues regarding the authentication via the SecSign ID app, feel free to contact us at support@secsign.com

Your own ID-Server

On premise installations of SecSign ID offer the flexibility to connect with your preferred servers, services, and devices. And you can customize the SecSign ID with your own organization’s branding.

Learn More
On Premise 2FA ID

Latest Blog Posts, Updates & Features

SecSign ID Server passed FIDO Certification

We are happy to announce that the SecSign ID server has passed the official FIDO certification program of the FIDO Alliance. This will allow you to use the complete FIDO2/WebAuthn standard for passwordless 2FA sign-ins in your exi ...

Mehr Lesen

Two-Factor Authentication with Fido2 / WebAuth

The FIDO2 Project is a set of standards developed by the FIDO Alliance and the World Wide Web Consortium (W3C) to create a strong authentication protocol for the web. It consist mainly of the WebAuth standard for the browser part ...

Mehr Lesen

Protecting the Home Office VPN with 2FA

In the recent weeks, home office work has increased potentially. And while employees are practicing social distancing from their home computer, attackers are working hard to exploit security issues in this situation that is unfami ...

Mehr Lesen
SecSign 2FA