Two-Factor Authentication With Third-Party Authenticators

Introduction

In addition to the regular authentication with login and password, Managed Backup offers two-factor authentication (2FA) for users that require improved security for their accounts.

Two-factor authentication (2FA) adds a second layer of login security for the main administrator and sub-admin accounts. It is based on an authenticator application that generates a unique code, which must be entered at each login attempt to the Management Console.

As of version 6.4 of Management Console, enhanced 2FA options are available with MSP Control for Android/MSP Admin for iOS mobile applications.

You can use Google Authenticator or Microsoft Authenticator on your iOS or Android mobile devices to manage 2FA authentication codes.

Before Using Two-Factor Authentication

Download and install the authenticator application of your choice from the App Store for iOS or Google Play for Android. If you intend to force your administrators to use two-factor authentication, they need to download and install the authenticator application as well.

The following authentication applications are supported:

  • Google Authenticator app for iOS or for Android
  • Microsoft Authenticator app for iOS or for Android

Enable Two-Factor Authentication in Management Console

Two-factor authentication must be configured for every administrative account separately:

  • The two-factor authentication can be enabled for the service provider (main administrator) by themselves
  • The two-factor authentication can be enabled for sub-administrators by the administrator

Enable the Two-factor Authentication (for Service Provider)

  1. Open the Management Console.
  2. In the Settings menu, select the General item.
  3. Select the Enable 2FA check box.
  4. The Enable two-factor authentication dialog appears with a QR code generated to connect your device.
  5. Run the Authenticator app on your device, then scan the generated QR code.
  6. Scan the code in the pop-up window and then enter the code generated by the Authenticator app.
  7. Click Validate.

Note: if you delete the Authenticator app from your phone, you will not be able to authenticate. In this case, contact the support team and request to disable two-factor authentication. This may take some time.

To avoid this situation, make sure to disable the two-factor authentication option in the Management Console before you delete the Authenticator application from your device.

You can create alternative codes for authentication in emergency cases as described below.

Enable the Two-Factor Authentication (Sub-Administrator)

  1. Open the Management Console.
  2. Click My Profile.
  3. Select the Enable 2FA check box. Click Save.
  4. The Enable two-factor authentication dialog appears with a QR code.
  5. Run the Authenticator application on your device, then scan the generated QR code.
  6. Scan the code in the pop-up window and then enter the code generated by the Authenticator app.
  7. Click Validate.

Note: if you delete the Authenticator app from your phone, you will not be able to authenticate. In this case, contact your service provider and request to disable two-factor authentication. This procedure may take some time.

To avoid this situation, make sure to disable the two-factor authentication option in the Management Console before you delete the Authenticator app from your device.

Log In with Two-Factor Authentication Enabled

Once the two-factor authentication is enabled, on every login attempt to the Management Console you will be prompted to provide the authentication code generated in your authenticator application.

  1. Run the Authenticator application on your device.
  2. Enter the code into the appropriate field.
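
How a code from Google Authenticator or Microsoft Authenticator is typically checked at login, as an added example that is not Managed Backup's own code. It assumes the standard TOTP scheme (RFC 6238: HMAC-SHA1, 30-second step, 6 digits) that these apps use for QR-enrolled accounts; the secret, function names and drift window are constructed for illustration.

```python
import base64
import hashlib
import hmac
import struct
import time

STEP = 30     # seconds each code is valid for (RFC 6238 default, assumed)
DIGITS = 6    # code length displayed by the authenticator apps
# Constructed secret: the RFC test key "12345678901234567890" in Base32,
# the form in which a secret is carried inside the enrollment QR code.
DEMO_SECRET = "GEZDGNBVGY3TQOJQGEZDGNBVGY3TQOJQ"


def totp(secret_b32, counter):
    """Code for one time step: HOTP (RFC 4226) over the step counter."""
    padded = secret_b32.upper() + "=" * (-len(secret_b32) % 8)
    key = base64.b32decode(padded)
    mac = hmac.new(key, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F                          # dynamic truncation
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** DIGITS).zfill(DIGITS)


def verify(secret_b32, submitted, last_used_step, now=None, window=1):
    """Return the matched time step, or None if the code is rejected.

    window=1 tolerates one step of clock drift in either direction. A step
    at or before last_used_step is refused, so a code that was already
    accepted cannot be replayed while it is still inside the window.
    """
    current = int(time.time() if now is None else now) // STEP
    matched = None
    for step in range(max(0, current - window), current + window + 1):
        expected = totp(secret_b32, step).encode()
        # Constant-time compare; no early exit, so timing stays uniform.
        if hmac.compare_digest(expected, submitted.encode()):
            if step > last_used_step:
                matched = step
    return matched


if __name__ == "__main__":
    code = totp(DEMO_SECRET, 59 // STEP)
    first = verify(DEMO_SECRET, code, last_used_step=-1, now=59)
    print(code, first)
    # Same code submitted again: rejected as a replay.
    print(verify(DEMO_SECRET, code, last_used_step=first, now=59))
```

The server and the app derive the code from the same shared secret, which is why removing the app without first disabling 2FA leaves only the recovery codes or a support request as a way back in.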

Two-Factor Authentication Recovery Codes

For emergency cases, Managed Backup provides alternative codes for authentication.

These codes can be used for access even if you are not included in the Allowlist or the device with your authenticator app is unavailable for some reason (for example, you broke it).

When 2FA is enabled, recovery codes are provided as a mandatory step to improve your security. Read more about recovery come ci were occasionally excluded from it. For security reasons, it is recommended to generate alternative codes.

Use Recovery Codes Instead of Authenticator 2FA Codes

When some action in Managed Backup requires 2FA confirmation, the following dialog box appears:

In this dialog box, click Use 2FA recovery code, then enter one of the previously saved recovery codes in the field, then click Confirm.
