Two-factor authentication (2FA) in Wing FTP Server

Wing FTP Server supports two-factor authentication (based on TOTP protocol) for Web Client. Two-factor authentication will greatly improve the account security, if someone wants to login to Web Client, he needs both password and dynamic TOTP code.

To turn on this function, just enable the option "Web administration -> Domain > Users > Add/Edit a user > General > Enable two-factor authentication (TOTP) for Web Client".

When user login to Web Client for the first time, he will be asked to scan a QR code by using Google Authenticator (or other TOTP app). After which, Google Authenticator will generate a dynamic TOTP code, just enter that code into the Verify field.

After the first successful login, user will no longer be asked to scan a QR code, he just needs to enter a correct password and a dynamic TOTP code from Google Authenticator.

If user loses his phone or re-installed the TOTP app, he needs to ask admin to reset his TOTP secret code. Admin can reset the code under "Web administration -> Domain > Users > Add/Edit a user > General > Reset TOTP secret code".