Key Announcement for UniFi API Users: MFA – Multi Factor Authentication with Ubiquiti UniFi in July 2024
Summary
The company Ubiquiti has made a major update to its authentication protocols, specifically for the UniFi controller and UniFi OS consoles. By July 2024, all UniFi cloud accounts will need to have Multi-Factor Authentication ( MFA ) enabled as an added security measure.
Guest WiFi systems such as Fydelia will no longer work with MFA accounts and you will need to take action in order to avoid service disruption
Background
If you are a user of Ubiquiti’s services and have not activated MFA, you likely have already received the following notification:
Access the announcement made by Ubiquiti at the link provided.
In July 2024, all UI accounts will be required to have Multi-Factor Authentication (MFA) in order to comply with upcoming security measures. This was announced in a post on the UI community forum. The link to the post is: How does this impact you?
In order to maintain use of your application connected to the UniFi platform, it is essential to make the switch from utilizing remote (unifi cloud) accounts for authentication to local admin accounts on the UniFi controller promptly. This change is vital as local admin accounts are not affected by the upcoming MFA mandate, unlike UniFi Cloud accounts. To clarify, local accounts are essentially administrator accounts that do not rely on UniFi Cloud, and MFA can be avoided. What are the benefits of using a local admin account? Access the UniFi Controller on your self-hosted or software-based platform through the updated interface and proceed with the instructions provided. To grant the new account with the appropriate Site Permissions, it must have equivalent access as your existing UniFi cloud account. Usually, choosing the Site Administrator role will be necessary. Systems such as Fydelia require basic admin and not read-only in order to be able to authenticate devices. Upon logging into the UniFi Controller with the updated credentials, a prompt will appear to change the password. It is important to make note of the new password. Do this once before Fydelia is required for guest WiFi and make sure your Fydelia splash page password matches. A local admin account is created for consoles using UniFi OS in the following manner. Navigate to Admins and click on the Add Admin option represented by the + icon. If you have used a different UniFi user in your Fydelia splash pages, be sure to update them with these new credentials We highly recommend that you do not delay in making this transition. Taking action early will avoid any potential interruptions in your services and provide you with sufficient time to adapt to the new setup. At our company, we acknowledge that changes such as these may present difficulties. However, our team is dedicated to making sure the transition is as seamless as possible for our clients. If you have any worries or require support, please feel free to contact us.
Steps for Transitioning to Software-Based Controllers
Generate a local administrator account:
Guide to Switching to UniFi OS Consoles
Take action immediately
Our purpose is to offer assistance