Google Auth

General

In order to enable the agents to log in with Google Auth, follow the steps below:

1

Go to the settings page of your account: https://myaccount.google.com/u/1/security

Start the authenticator flow

2

MFA Onboarding

Click on the authenticator app option to configure the MFA.

3

Get secret instead of code

When you see the QR code, select the option "Can't scan it?"

4

Copy the key

5

Store key in password manager

Now add the key to a password manager of your choice. We recommend using a password manager that makes it easy to extract the key, such as 1Password or Bitwarden.

6

Complete the flow and enable 2-Step Verification

7

Set up authentication in Aikido Pentest

Write your instructions in a format similar to the one below:

Step 1: Go to domain.com/login
Step 2: Select "Google Login". You will be redirected to accounts.google.com
Step 3: Provide the following credentials:
- username: [email protected]
- password: wrongpassword
Step 4: Generate the TOTP and log in
Success criteria: When successfully logged in, you will see "Hello Patrick" on the homescreen

8

Add the TOTP URL

Add the key in the correct base32 format. When adding the key from Google, make sure to remove the spaces.
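Before pasting the key, you can check locally that it is valid base32 and produces the same codes as your authenticator app. The following is an added example, not Aikido or Google code: it strips the spaces from the key as Google displays it, computes the TOTP per RFC 6238, and builds a URL. The `otpauth://` layout is the common authenticator key URI format and is an assumption about what the TOTP URL field accepts; the sample key is the RFC 6238 test secret and the account name is a constructed placeholder.

```python
import base64
import hashlib
import hmac
import struct
import time
from urllib.parse import quote

BASE32_ALPHABET = set("ABCDEFGHIJKLMNOPQRSTUVWXYZ234567")


def normalize_secret(displayed):
    """Turn the key as Google shows it (lower case, space-separated groups)
    into plain base32: no spaces, upper case, no '=' padding."""
    key = "".join(displayed.split()).upper().rstrip("=")
    if not key:
        raise ValueError("empty key")
    bad = set(key) - BASE32_ALPHABET
    if bad:
        raise ValueError("not base32, unexpected characters: %s" % sorted(bad))
    return key


def totp(key, at=None, step=30, digits=6):
    """RFC 6238 TOTP with HMAC-SHA1, the defaults authenticator apps use."""
    raw = base64.b32decode(key + "=" * (-len(key) % 8))  # re-add padding to decode
    counter = int((time.time() if at is None else at) // step)
    mac = hmac.new(raw, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F  # dynamic truncation (RFC 4226)
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)


def otpauth_url(key, account, issuer="Google"):
    """Build an otpauth:// key URI (assumed format for the TOTP URL field)."""
    label = quote("%s:%s" % (issuer, account))
    return "otpauth://totp/%s?secret=%s&issuer=%s" % (label, key, quote(issuer))


if __name__ == "__main__":
    # Constructed sample: RFC 6238 test secret, formatted the way Google displays keys.
    shown = "gezd gnbv gy3t qojq gezd gnbv gy3t qojq"
    key = normalize_secret(shown)
    print("base32 key:", key)
    print("current code:", totp(key))  # compare with your authenticator app
    print(otpauth_url(key, "agent@example.com"))  # placeholder account
```

If the printed code differs from the one in your authenticator app, check the system clock first, then re-copy the key.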
