In this guide, we explain to you how to use Token2 programmable hardware tokens to secure your ePDQ account, which we sometimes refer to as the Back Office. 

Requirements:

• An ePDQ account (we used a test account for producing this guide, but the steps are the same for production accounts as well)

• A Token2 programmable hardware token. The time drift does not seem to be tolerated, so we recommend using programmable tokens with unrestricted time sync

• For NFC-programmable tokens, a device equipped with NFC and running one of our NFC Burner apps (for USB-programmable tokens, no additional hardware is needed)

Steps

Log in to your ePDQ account and navigate to Configuration → Password

Choose the One-Time Password configuration tab

This page will show you a QR code that you should transfer over to a Token2 programmable hardware tokens using an NFC Burner or USB Config app. 

The procedures for provisioning hardware tokens are shown below.

Once the burning/configuration process has been completed, turn the hardware token off then on again to generate a new OTP. Then, enter the OTP generated by the token in the first field, then your ePDQ password in the second field and click Submit.

If the password and the OTP are validated, you will see a message like below:

The success message window will also show a form to disable two-factor authentication. This has to be ignored - do not submit this data if you want to keep your 2FA active: submitting OTP and password on this stage will disable your two-factor authentication!

Important! ePDQ system does not tolerate time drift, so your token's system clock will need to be adjusted using the config apps. We expect this will be needed to be done around once a year.