RBLTracker currently supports two-factor authentication using TOTP (Time-Based One-Time passwords). There are many freely available TOTP clients, but this help document focuses on the Google Authenticator application, which is freely available for Android, iOS, and Blackberry devices.
Turning On Two-Factor Authentication
To enable two-factor authentication, first install the Google Authenticator application. More information is available here:
Once installed, navigate to the Account -> Profile section of the RBLTracker portal, and click the “Enable Two-Factor Authentication” option near the bottom of the page:
You will then be presented with a QR code to scan. This QR code automatically configures your Google Authenticator application with the appropriate authentication token.
Open your Google Authenticator application, click on the + (plus) icon at the top of the application to add a new profile, and then select the “Scan Barcode” option. Scan the QR code presented to you on your screen. This will automatically add the RBLTracker profile to your Google Authenticator account.
Once you’ve successfully imported the RBLTracker profile into your Google Authenticator account, simple click the “Close” button to complete. This will save your account settings, and activate the two-factor authentication requirement on your account.
Turning Off Two Factor Authentication
You can disable two-factor authentication at any time after this, by clicking on the “Disable Two-Factor Authentication” button on the Account -> Profile section of the RBLTracker portal.
Logging In
Once you’ve enabled two-factor authentication, each time you log in, you’ll be presented with an authorization challenge screen, prompting for the current TOTP value from your Google Authenticator application:
Simply open your Google Authenticator application, and enter the 6-digit authentication code provided on the RBLTracker profile.
TOTP authentication codes automatically rotate ever 30 seconds. You will have up to 30 seconds to enter the current code before it expires. If the code you enter is rejected, just wait a few seconds for the code to regenerate and try again.