Two-factor Authentication

Introduction

In addition to the regular authentication with login and password, the Management Backup offers two-factor authentication (2FA) for users that require improved security for their accounts.

Two-Factor Authentication (2FA) adds a second layer of login security for the main administrator and sub-admin accounts. The two-factor authentication is based on the authenticator application that generates a unique code that must be entered at each login attempt to the Management Console.

You can use Google Authenticator or Microsoft Authenticator on your iOS or Android mobile devices to manage authentication codes when logging into Managed Backup.

Before Using Two-factor Authentication

Download and install the authenticator application of your choice from the App Store for iOS and Google Play for Android. If you intend to force your administrators to use two-factor authentication, they need to download and install this authentication application as well.

The following authentication applications are supported:

Enable Two-Factor Authentication in Management Console

Two-factor authentication must be configured for every administrative account separately:

  • The two-factor authentication can be enabled for the service provider (main administrator) by themselves
  • The two-factor authentication can be enabled for sub-administrator by administrator

To Enable the Two-factor Authentication if You Are Logged as Service Provider

  1. Open the Management Console.
  2. In the Settings menu, select the General item.
  3. Select the Enable 2FA check box.

  1. The Enable two-factor authentication dialog appears with a QR code generated to connect your device:

  1. Run the Authenticator app on your device, then scan the generated QR code.

Scan the code in the pop-up window and then enter the code generated by the Authenticator app:

  1. Click Validate.

Note: if you delete the Authenticator app from your phone, you will not be able to authenticate. In this case, contact the support team and request to disable two-factor authentication. This may take some time.

To avoid this situation, be aware to disable the two-factor authentication option in the Management Console before you delete the Authenticator application from your device

You can create alternative codes for authentication in emergency cases as described below.

To Enable the Two-factor Authentication if You Are Logged as Sub-Administrator

  1. Open the Management Console.
  2. Open the My Profile tab.
  3. Select the Enable 2FA check box. Click Save.

  1. Enable two-factor authentication dialog appears with QR code generated to connect your device:

  1. Run the Authenticator application on your device, then scan the generated QR code.

Scan the code in the pop-up window and then enter the code generated by the Authenticator app:

  1. Click Validate.

Note: if you delete the Authenticator app from your phone, you will not be able to authenticate. In this case, contact your service provider and request to disable two-factor authentication. This procedure may take some time.

To avoid this situation, make sure to disable the two-factor authentication option in the Management Console before you delete the Authenticator app from your device.

Log In with Two-Factor Authentication Enabled

Once the two-factor authentication is enabled, on every login to the Management Console you will be prompted to provide the authentication code generated in your authenticator application.

  1. Run the Authenticator application on your device.
  2. Enter the code into the appropriate field.

Two-Factor Authentication Alternative Codes

For emergency cases, Managed Backup provides alternative codes for authentication.

These codes can be used for access even in case you are not included in the Allowlist or were occasionally excluded from it. For security reasons, it is recommended to generate alternative codes.

To Get the Authentication Alternative Codes

  1. Open the Management Console.

  2. In the Settings menu, select the General item.

  3. Select the Enable 2FA check box (in case it was not selected).

  4. Click 2FA Alternative Codes link.

  5. In the 2FA Alternative Codes dialog box, click Generate New Codes.

  1. Once alternative codes are generated, download or print codes. The alternative codes must be kept in a safe place. Every code can be used only once.