Enable hardware token based two factor authentication for Meraki Dashboard account
Meraki Dashboard has the option of requiring two-factor authentication for logging into. In addition to the default option, which is SMS, one of the options available to users is the Google Authenticator (which can be replaced by our mini-OTP1 hardware token).
This service is useful because it can provide two-factor authentication regardless of SMS service.
Please note that this guide is for Meraki Dashboard access only and not Meraki Client VPN two-factor authentication , as Meraki Client VPN is not natively supporting 2FA. Meraki Client VPN can be configured to use 2FA by integrating our TOTPRadius
solution, which supports classic hardware tokens as well
- Install Token2 Burner App and make sure your token is accessible via NFC.
- On your Android device, install and test the Token2 Burner app. You can test NFC access by "get OTP" button of the app: push the button on the miniOTP-1 device and hold it close to the NFC antenna of your Android device (usually below the camera on the back). Then on the Burner App, touch "get OTP" button. The OTP shown on the app should match the one displayed on the token.
- Log into Meraki Dashboard and navigate to the My Profile page on the top right.
- Find the Section labeled SMS authentication and select the appropriate hyperlink from the listed options. The QR codes shown are identical for Android and iPhone (we have not tested with Blackberry)
- Launch Token2 Burner App on your Android device. Click on Scan QR button and scan the QR code shown on the Dashboard page. Then, push the button on the miniOTP-1 device and hold it close to the NFC antenna of your Android device (usually below the camera on the back). Click on "burn seed" button. The app should show "burn seed process succeeded" message if the process is successfully completed.
- In the Dashboard, enter the one-time password generated by your miniOTP-1 token (you need to push the button on the token) to "3. Verify your device" field, and click Verify.
- Once verified, select Continue and then OK to turn on two-factor authentication.
Meraki dashboard will also display 8 emergency backup codes ("2. Record your one-time codes"). These codes are only displayed once, so be sure to write them down and store it somewhere safe. If your token is ever lost or stolen, you can use these codes to disable two-step authentication on your account.
If you lose your codes but still have access to your account, you can generate new backup codes from your two-step authentication settings.