Search Results :

×

Two Factor Authentication (2FA) for ASP.NET using OTP over Email

ASP.NET Two Factor Authentication (2FA) adds an extra layer of security to your ASP.NET application login process by enabling OTP verification over Email. With this method, after entering the correct username and password, users receive a time-sensitive one-time passcode (OTP) on their registered email address. To explore how this can be implemented, visit our ASP.NET Two Factor Authentication (2FA) plugin page. The login is completed only after entering the correct OTP, ensuring that only authorized users can access the application. This setup strengthens the security of your ASP.NET web application and helps protect against unauthorized access, credential theft, and other cyber threats.

  • To install the miniOrange 2FA NuGet package in your .NET application, just install the miniOrange NuGet package on top of your application.
NuGet Package
.NET CLI

PM> NuGet\Install-Package miniOrange.NET.2FA

  • After installing the package, open your browser and navigate to the miniOrange 2FA dashboard using the URL below:
 http(s)<your-dotnet-application-base-url>?admintfaconfig=dashboard
  • A database is required to test and use the miniOrange ASP.NET 2FA plugin, as the plugin stores user and configuration data in the database. Before proceeding, ensure that your application is connected to a valid database and that the required connection string is available in your application's configuration.
  • Select the required connection string from the dropdown and click on the Save Configuration button to configure the database connection for the miniOrange 2FA plugin.
ASP.NET 2FA - Database Connection

  • If the registration page or login page appears, the miniOrange 2FA module has been successfully added to your application.
ASP.NET 2FA - registeration page

  • Register or log in with your account by clicking the Register button to configure the module.
  • After successful registration, you will receive a trial license key on your registered email address.
  • To activate the module, you can either:
    • Enter the license key received via email in the provided input field.

    OR

    • Upload the license file using the Choose File button that you downloaded by clicking on the Download it from here link.
ASP.NET Framework Verify Trial License

  • Then, check the box "I have read the above conditions and I want to activate the license", and click the Activate License button.
ASP.NET Framework Activate License
  • After successful license activation, the plugin dashboard will open as shown below.
ASP.NET 2FA Dashboard

  • Click on the Configure button under the OTP Over Email to configure OTP Over SMS as the 2FA method for your users.
ASP.NET 2FA Configure OTP over Email

  • Enter the email address and click on the Get OTP button to receive a One-Time Passcode (OTP) on the specified email address.
OTP over Email - Get OTP

  • After clicking on the Get OTP button the user will receive One Time Passcode on the registered email address.
  • Enter the received OTP and click on the Verify OTP button, after verifying OTP the method will be configured and can be enabled for the end user.
OTP over Email - Verify OTP OTP over Email - Method Configured

  • After configuring the OTP Over Email method, click on the 2FA Settings button to configure the application settings required for 2FA.
  • If your application uses session variables to store user information, enable the Is Session Available? toggle. Then enter the appropriate values for the Session Username Key, Session Email Key, and Session Phone Key, and click on the Save Settings button.
OTP over Email - Session Variable

  • Add the following code to your AccountController.cs file and make sure the session keys used in the code match the values configured in the plugin settings.
 Session["username"] = username;
 Session["email"] = userEmail;
 if (!string.IsNullOrEmpty(userPhone))
 {
   Session["phone"] = userPhone;
 }
  • If your application does not use session variables to store user information, you can leave the Is Session Available? toggle disabled and proceed with the remaining configuration.
  • Ensure that the Enable 2FA toggle button is enabled before logging in as an end user.
OTP over SMS - Enable 2FA
  • After login, end users see the Setup 2FA screen. Click Configure beside OTP Over Email.
OTP over SMS - Setup 2FA

  • Enter your email address and click on the Get OTP button.
OTP over Email - End User Get OTP

  • Enter the OTP sent to your registered email address and click on the Verify OTP button.
OTP over Email - End User Verify OTP

  • On the next login, enter the OTP and click Validate.
OTP over Email - End User Validate OTP

  • The user will be logged in to their application.

 Thank you for your response. We will get back to you soon.

Something went wrong. Please submit your query again

We'll Reach Out to You at the Earliest!


ADFS_sso ×
Hello there!

Need Help? We are right here!

support