NormShield supports optional two factor authentication; the first factor being classic username/password tuple and the second factor being SMS one time passwords. Figure 1 shows example screenshots. First the user enters his/her credentials, after validation an SMS One Time Password is sent to the registered cell phone number of the user. A second screen asks for this OTP for complete access.
Figure 1 - Two factor authentication with SMS OTPs is supported
In order NormShield to use SMS OTPs, an SMS gateway URL should be defined in Settings interface.
Figure 2 shows forgotten your password interface which is shown when Forgotten your password? link is clicked in Figure 1. Users should enter their valid username/email and GSM numbers in order NormShield to generate and send a password reset link to the appropriate email box. The link has an expiration timeout so if it stays idle for some period it will go obsolete.
Figure 2 - Forgotten your password