You are here: Configuration and Operations > Administration Tab > Web Interface > Appliance Management Interface Users > Recovery Code Link

Recovery Code Link

The Recovery Code link displays a page that enables use of the HMAC-Based One Time Password (HOTP) authentication to change the Appliance login password when it has been forgotten and the user is unable to log in.

The first step requires the user to download an HOTP supported application on a device. Once installed, select the recovery code link in the Tenable Appliance interface to display the information required to set up the Appliance’s HOTP information on the device. Only the recovery page for the logged-in user will display. There are two different methods for entering the information.

The first method on the page is the QRCode Image of Recovery Secret. Scan the QRCode image with the HOTP application. The HOTP application will display information about the new credentials.

The second method is to manually enter the information supplied in the Text Entry of Recovery Secret section. Depending on the application used, you will need to enter one or more pieces of the supplied information. Select Counter or Key based if/when asked during the manual account setup. The Counter field displayed indicates the number of times the user has reset the recovery secret.

A new recovery secret can be created for the user if the HOTP device should become compromised. As the compromised user, select your own username from the drop-down and enter your password in both the password and confirm password fields. Then, click Setup Recovery Secret to generate a new recovery code. A green banner will display indicating the change succeeded or a red banner will display indicating failure with a note indicating the incorrect information.

To confirm the HTOP application is configured correctly, generate a code from your software and enter it in the Enter a code from your software field and click Check. Entering the correct value will display the correct token and a message to validate success. Entering an incorrect value will produce an error message and the page will have to be reloaded. Entering an invalid code will cause the field to turn red; you will have the option to enter the code again.

If the password is lost and must be changed, navigate to https://<IP address or hostname>:8000/password. On this page, enter your username, the new password to associate with your account, and three of the codes in sequential order as provided by your HOTP application.

Whenever the password is changed, a new recovery code is generated. The HOTP program must be updated as the previous HOTP code becomes invalid when a new password is set.

All Appliance Management Interface Users have equal and complete access to the appliance.

Copyright © 2016. Tenable Network Security, Inc. All rights reserved. Tenable Network Security and Nessus are registered trademarks of Tenable Network Security, Inc. SecurityCenter Continuous View, Passive Vulnerability Scanner, and Log Correlation Engine are trademarks of Tenable Network Security, Inc. All other products or services are trademarks of their respective owners.