Account
The Account tab provides options to edit basic account settings, such as description, password, email, and 2-step verification. To view this tab, click the person-shaped icon at the upper-right of the desktop and select Personal.
Modifying Account Settings
The following account settings can be edited:
- Description: Enter a description for your account. User descriptions can include up to 64 displayable Unicode characters.
- New Password: If you want to change your account password, enter a new one here and confirm it in the Confirm password field below. Passwords are case sensitive and can include up to 127 displayable characters including letters, numbers, symbols, and spaces.
- Email: Enter an email address (only for non-admin users).
- Display language: Specify the display language for your account. The display language settings you specify here take priority over the any specified at Control Panel > Regional Options > Language.
- Date format: Specify the date format depending on your preference and geographic location.
- Time format: Specify the time to be displayed in 12-hour or 24-hour format.
After modifying account settings, click OK to save changes.
2-Step Verification
2-step verification provides improved security for your DSM account. If 2-step verification is enabled, you will need to enter your password in addition to a one-time verification code when logging into DSM. Verification codes are obtained from authenticator apps installed on your mobile device. Therefore, if someone wants to access your account, he will not only need your username and password, but also your mobile device.
Requirements:
2-step verification requires a mobile device and an authenticator app which supports the Time-based One-Time Password (TOTP) protocol. Authenticator apps include Google Authenticator (Android/iPhone/BlackBerry) or Authenticator (Windows Phone).
To enable 2-step verification:
- Go to Personal > Account tab and tick the Enable 2-step verification box to launch the 2-step verification setup wizard.
- On the first screen, enter an email address. Emergency verification codes can be sent to this email address in case your mobile device is lost.
- Download and install an authenticator app, such as Google Authenticator (Android/iPhone/BlackBerry) or Authenticator (Windows Phone).
- On the following screen, open your authenticator app and scan the QR code. Alternatively, you can click the link to manually enter a secret key.
- Next, your authenticator app generates a 6-digit verification code. Enter this code into the wizard text field in order to confirm configurations are correct. If an error occurs, please make sure the system time of your mobile device is synchronized with the system time of DSM. Also, verification codes are updated periodically, so make sure the code you enter has not expired.
- Once the setup wizard is finished, click OK to save settings.
To log into DSM with 2-step verification:
When 2-step verification is enabled, you will be prompted to enter a 6-digit verification code when logging into DSM.
- On the DSM login screen, enter your username and password as usual.
- When prompted to enter a verification code, open the authenticator app on your mobile device.
- Find and enter the 6-digit verification code for your account. If your mobile device is lost, you can click the Lost phone? link, and an emergency code will be sent to your email address.
Note:
- SMTP Settings: To receive emergency codes via email, SMTP server settings must be properly setup. You can go to Control Panel > Notification or Personal > Email Account to check whether your settings are correct.
- Emergency Code Limit: Each user has a limit of 5 emergency codes. If you exceed your limit, you will need to disable and enable 2-step verification before receiving any more emergency codes.
- 2-step verification can be enforced on DSM and all related Synology mobile applications (e.g., DSM mobile and DS file).
- 2-step verification also applies to all SSH-related services, such as SSH terminal, SFTP, and rsync with SSH transfer encryption. However, since Hyper Backup and Shared Folder Sync via rsync with SSH transfer encryption do not support 2-step verification, these two services will not be able to work normally after 2-step verification is enabled.
To reset users' 2-Step verification settings:
Users belonging to the administrators group can reset the 2-step verification settings of other users.
- Go to Control Panel > User.
- Double-click the user whose 2-step verification you wish to reset.
- On the User Information tab, click the button Reset 2-Step Verification.
Note:
- If a user belonging to the administrators group is not available, you can press the physical reset button on your DiskStation to reset DSM settings and disable 2-step verification.
Account Activity
Account activity displays the login activity of your DSM account, including current connections, remembered devices, and login history.
To check your account activity:
Click the Account Activity button. A popup appears displaying the following tabs:
- Connected Users: This tab shows the following information:
- Date & Time: When the account was accessed.
- Client name and IP: Name and IP address of the device which accessed the account. Client name only appears when the account is accessed with CIFS protocol.
- Service: The protocol used to access the account.
- Resource: The system resources used by the account.
- Remembered Devices: This tab shows the remembered device management page:
- Current device is not remembered / remembered: Click Remember this device if you choose to remember the current device, and 2-step verification will no longer be required when you log into DSM on this device.
- Stop remembering other devices: You may stop remembering other devices (e.g., other computers or mobile devices) that have been remembered. This means that 2-step verification will be required when you log into DSM on these devices.
- Login History: This tab shows recent login sessions and the following information:
- Date & Time: When the account was accessed.
- Event: Shows username and IP address.
Note:
The device that you mark as remembered will be remembered only when you log in with the same account and from the same browser. You will still be prompted to enter an OTP (one-time password) for 2-step verificaiton in the following scenarios even if you have marked a device as remembered before:
- You log in with the same account but on a different browser.
- Your cookies have been removed from the browser.
- You mark a device as remembered when logging in as User A, and then mark the same device as remembered when logging in as User B. When you log in as User A again, you still need to enter a password for 2-step verification.