Enable Two-Factor Authentication
To provide full control over 2FA, 2FA can be enabled at the account level for all Dashboard users or on a user-by-user basis, either by the Dashboard's administrator or by the user when they attempt to initiate a Take Control or Remote Background Management connection.
Once 2FA is enabled, the selected users are prompted to either immediately begin the activation process (Take Control or Remote Background Management) or when they next login (global or individual).
Please note, the 2FA management options are only available when logged on to the Dashboard using an account with enhanced privileges. Go to Settings > Users > Roles and Permissions to set and update feature access settings for users based on their role.
Global - General Settings
To enable Two-Factor Authentication for all Dashboard users:
- Go to Settings > General Settings > Security
- Tick the Require Two-Factor Authentication box to enable
- OK to save changes and apply.
Once 2FA is enabled, all users are prompted to begin the activation process on their next login.
Individual or Specific Users
User Account Dialog
For those situations where it may not be practical to enable 2FA for all Dashboard users, 2FA may be enabled for individual users:
- Go to Settings > Users > User Accounts
- Multi-select the target users (Shift and left-click to choose a range of users or Control and left-click for specific users)
- From the Users drop-down (or right-click context menu)
- Choose Two Factor Authentication and Set As Required to enable
- Click OK then enter the password of the account you logged into the Dashboard under to confirm
The user is prompted to begin the activation process on their next login
Important: please be aware that where 2FA is enabled for all Dashboard users, the option to enabled or disable individual users is unavailable.
When in the Dashboard the option to enable 2FA is available from the user menu in the top navigator bar.
- Click on your name
- Choose Enable 2FA
- The user starts the 2FA activation process
Current 2FA State
The current 2FA state of each user is displayed in the User Accounts dialog. A green tick indicates 2FA is active, an empty tick indicates 2FA is pending authentication.
Take Control or Remote Background Management Session
In addition to the relevant Take Control and / or Remote Background Management permissions, to initiate a connection the user must have a 2FA active login.
Where the user has the required Dashboard permissions setup, but 2FA is not active for their account, they are prompted to setup 2FA before they can initiate a remote connection.
This dialog displays the email address the verification email will be sent to and will initially have the option to Activate Now or Activate Later.
If they opt to proceed with 2FA setup from this dialog, they are logged out of their current Dashboard session to complete the 2FA activation process.
The user only enters their 2FA code when logging into the Dashboard, they are not prompted to enter the code each time they attempt to initiate a Take Control or Remote Background Management connection.