====== 5-Minute Activation of the Second Factor for INFN-AAI ======

//Istruzioni in italiano: [[cn:ccr:aai:doc:2fa:rapid|]]//

The second factor consists of a **One Time Password (__OTP__)**, a disposable password with a short expiration time, generated each time through an application on your smartphone.

===== 1. Installing the OTP Generation Application =====

  * //NOTE: The recommended application is privacyIDEA Authenticator on your smartphone. Otherwise, check the other [[cn:ccr:aai:doc:2fa-en:app]]. Once you have the application, proceed to the next step.//

  * 1) **ON YOUR SMARTPHONE: Download the privacyIDEA Authenticator application from** [[https://play.google.com/store/apps/details?id=it.netknights.piauthenticator|Android Play Store]] or [[https://apps.apple.com/us/app/privacyidea-authenticator/id1445401301|Apple Store]]
  * 2) Ensure that the application opens without issues;
  * 3) Close the application for now and proceed to the next step.

===== 2. Linking the Application to Your Account =====
  * 1) **ON YOUR COMPUTER**: Go to the page [[https://mfa.app.infn.it/]]
  * 2) Log in using INFN-AAI credentials
  * 3) In the window, select, on the left, "**Enroll Token**" / "** Registra token**"
  * 4) Click the "**Enroll Token**" / "**Registra token**" button at the bottom
  * 5) A QR Code will be displayed
  * 6) **ON YOUR SMARTPHONE**: Open the OTP management application and scan the code on the computer screen (for privacyIDEA Authenticator, click the button at the bottom center).
  * 7) **ON YOUR COMPUTER**: Read the six-digit OTP on your smartphone and enter it in the textbox under "**Please enter a valid OTP value of the new token**"
  * 8) Click the "**Verify Token**" button

===== 3. Using the OTP =====

  * From now on, every INFN-AAI login will also require entering the OTP
  * Open the application on your smartphone and copy the displayed code

===== Further Information =====
  * [[cn:ccr:aai:doc:2fa-en:]]
  * [[cn:ccr:aai:doc:2fa-en:app|]]