• Docs Home
• Platform
  • Multi Factor Flow
  • User Enrollment
  • Domain Attributes
• Guides
  • Admin Panel
  • User Management
  • Applications
  • Admin Logs
  • Authentication Logs
  • Administrator Roles
  • Policies
  • Hardware Tokens (OTP)
  • Software OTP Tokens
  • Email OTP
  • Bypass Codes
  • Devices
  • Phones
  • U2F Tokens
  • Push Number Matching
  • Passcode Grids
  • Enrollment Email
  • LoginTC Managed
• End-User Guides
  • iOS App
  • Android App
  • Chrome Extension
• REST API
  • Users
  • Domains
  • Tokens
  • Bypass Codes
  • Hardware Tokens
  • Sessions
  • Organizations
  • Client Libraries
• Connectors
  • AD FS
  • Apache
  • Array Networks
  • Barracuda
  • Box
  • Check Point
  • Cisco ASA
  • Citrix NetScaler
  • Dropbox
  • F5 Big-IP APM
  • Two Factor Authentication (MFA) for Fortinet Fortigate SSL VPN
  • Freshdesk
  • Juniper
  • RADIUS
  • MariaDB
  • Netgate pfSense
  • Office 365
  • OpenAM
  • OpenVPN
  • OpenVPN AS
  • OWA
  • Palo Alto
  • PostgreSQL
  • Pulse Connect Secure
  • RADIUS
  • Two Factor Authentication (MFA) for RD Gateway (RADIUS)
  • Two Factor Authentication (MFA) for Remote Desktop Web Access (RD Web)
  • Sophos UTM
  • SonicWALL
  • SiteMinder
  • Unix SSH
  • VMware Horizon View
  • Web
  • WatchGuard
  • WatchGuard Access Portal
  • Windows Logon and RDP
• Tools
  • User Sync
• Downloads
• Release Notes
  • LoginTC RADIUS Connector
  • LoginTC AD FS Connector
  • LoginTC RD Web Access
  • LoginTC RD Gateway SSO
  • LoginTC OWA
  • LoginTC Windows Logon Connector
  • User Sync Tool
• Service Status
• Knowledge Base
• Help

Phones Guide

• Overview
• Adding a Phone
• Managing Phones
  • Associating with a User
  • Disassociating from a User
  • Edit Phone
  • Enabling / Disabling SMS Passcode Authentication for an Application
  • Enabling / Disabling Phone Call Authentication for an Application
  • Enabling / Disabling SMS Passcode Authentication for a Domain
  • Enabling / Disabling Phone Call Authentication for a Domain
• Searching Phones
• Telephony Credits
• SMS Passcode Authentication
  • LoginTC Login Window
  • Challenge and Challenge Interactive Mode
  • Direct Mode
• Phone Call Authentication
  • LoginTC Login Window
• Troubleshooting

Overview

Phones are telephone numbers that can authenticate a user. A user’s phone can receive one time passcodes (OTPs) via SMS or a phone call to login.

Adding a Phone

To add a phone:

1. Log in to LoginTC Admin
2. Click Phones
3. Click Create
4. Enter phone details
5. Click Add

Managing Phones

Associating with a User

To associate a phone with a user:

1. Log in to LoginTC Admin
2. Click Phones
3. Click the phone you would like to associate
4. Click Associate User
5. Select the user you would like to associate. Use the Search filter to narrow down results
6. Click Associate User

Disassociating from a User

To disassociate a phone with a user:

1. Log in to LoginTC Admin
2. Click Phones
3. Click the phone you would like to disassociate
4. Click Disassociate User

Edit Phone

To edit a particular phone details click on the Settings button from the phone details page:

Phone

Enabling / Disabling SMS Passcode Authentication for an Application

To enable or disable SMS One-time Password (OTP) for an application:

1. Log in to LoginTC Admin
2. Click Applications
3. Select the application you want to modify
4. Select the appropriate application policy
5. Under Authentication Methods Scroll down to SMS One-time Password (OTP)
6. Select either Enabled or Disabled
7. Scroll down to the bottom of the page and click Save

Enabling / Disabling Phone Call Authentication for an Application

To enable or disable Phone Call for an application:

1. Log in to LoginTC Admin
2. Click Applications
3. Select the application you want to modify
4. Select the appropriate application policy
5. Under Authentication Methods Scroll down to Phone Call
6. Select either Enabled or Disabled
7. Scroll down to the bottom of the page and click Save

Enabling / Disabling SMS Passcode Authentication for a Domain

To enable or disable SMS OTP for a domain:

1. Log in to LoginTC Admin
2. Click Domains
3. Select the domain you want to modify
4. Click on Settings:
5. Scroll down to SMS OTP Enabled
6. Select either enabled or disabled
7. Scroll down to the bottom of the page and click Update

Enabling / Disabling Phone Call Authentication for a Domain

To enable or disable Phone Call for a domain:

1. Log in to LoginTC Admin
2. Click Domains
3. Select the domain you want to modify
4. Click on Settings:
5. Scroll down to Phone Call Enabled
6. Select either enabled or disabled
7. Scroll down to the bottom of the page and click Update

Searching Phones

To search for a particular device:

1. Log in to LoginTC Admin
2. Click Phones:
3. Enter a search term in the search field
4. Click Search

The keyword is matched with any one of the following user and phone attributes:

• User username
• User email
• User name
• Phone number
• Phone name

Telephony Credits

Sending SMS messages will use up your organizations’ Telephony Credits. LoginTC uses a service provider to perform the actual SMS, so the credits simply cover the cost to send an SMS message.

To manage Telephony Credits:

1. Log in to LoginTC Admin
2. Click Billing
3. Scroll down to Telephony Credits:

There are two types of credits: Account Credits and Backup Credits. Account Credits are 100 times the number of users you have and gets refilled annually. So if you have 100 users you have 10,000 credits for the organization, any user can use them. They do not rollover to the next year, rather they are refilled based on the user limit. Backup credits do roll over and are essentially permanently available until used. Backup credits are only used once there are no remaining Account Credits.

SMS Passcode Authentication

LoginTC Login Window

With the LoginTC iframe simply select the Phone from the Authentication Method dropdown menu and then select LoginTC Passcode:

Click SMS me a passcode to receive a LoginTC Passcode on the selected device. Authenticate by entering the passcode in the input field and clicking Log in.

Challenge and Challenge Interactive Mode

The sms and last 4 digits of phone number methods can also be used in Challenge and Challenge Interactive authentication modes on the LoginTC RADIUS Connector for a smooth user experience. In the Challenge window simply enter sms or last 4 digits of phone number to receive an SMS. If Challenge Interactive is the authentication mode then a second window will display in which the OTP can be directly entered.

Direct Mode

When authenticating, a user enters their username normally. In the password field, they should should enter their password followed immediately by a comma and sms or last 4 digits of phone number:

Regular input (without phone) :

    username: john.doe
    password: johnPassword

Input with sms:

    username: john.doe
    password: johnPassword,sms

Input with last 4 digits of phone number:

    username: john.doe
    password: johnPassword,5555

If the user has a Phone associated with them and SMS authentication is enabled the user will receive an SMS with a 6-digit One-Time Passcode (OTP). If sms is used then the oldest phone associated with the user will be sent the OTP. When last 4 digits of phone number is entered then the phone matching the last 4 digits will be used. The OTP can then be used in a subsequent authentication:

Input with OTP

    username: john.doe
    password: johnPassword,123123

For more examples see: SMS Passcode

Phone Call Authentication

LoginTC Login Window

With the LoginTC iframe simply select the Phone from the Authentication Method dropdown menu and then select LoginTC Phone Call:

Click Call me to receive a phone call.

Answer the phone call and listen to the message.

Authenticate by pressing any number on your phone. Hanging up will deny the authentication.

If the phone is not answered or a number is not pressed in time, the authentication request will timeout.

For more examples see: Phone Call

Troubleshooting

Need help? Please see our Help Page, Knowledge Base or contact us directly at support@cyphercor.com.