Enable 2FA

This chapter covers the following topics:

Enable 2FA in Management Console

To enable the Two-Factor authentication, proceed as follows:

  1. Open the Management Console.
  2. In the Settings menu, select General.

If you log in using the sub-administrator credentials, click My Profile instead of Settings

  1. Select the Enable Two-Factor Authentication (2FA) check box.

  1. Select if you will use the MSP360 application (MSP Control for Android or MSP Admin for iOS) to receive push notifications or a third-party authenticator on your mobile device, and then proceed with enabling 2FA as described in the Enable Two-Factor Authentication dialog. Validate your account by entering the 2FA verification code from your installed authenticator.
  2. Save provided recovery codes that can be used to access the Management Console in case of emergency: for example, if you accidentally remove yourself from the IP Allowlist or your smartphone gets stolen. This step is mandatory.
  3. Confirm that you saved the recovery codes and click Finish. The administrator account is now secured with 2FA access.
  4. If you intend to make using 2FA by all your administrators obligatory, select the Force 2FA for all administrators check box as well.

| Top |

Add New Device for 2FA (MSP Control for Android or MSP Admin for iOS only)

You can manage devices you use for Two-Factor Authentication with MSP Control. Note that only one device can be used for 2FA confirmations, but you can use as many devices as you want for notifications.

  1. Open the Management Console.
  2. In the Settings menu, select General.
  3. In the right pane, find the device list. As you enable 2FA for the first time, it is empty.

  1. Click Add New Device.
  2. Proceed with adding your device with the installed MSP360 application as described in the Add New Device dialog.
  3. Scan the QR code to download and install the MSP360 application or manually download and install the application from Google Play or Apple App Store.
  4. Open the MSP360 application, proceed with automatic authentication, or scan the QR code again.
  5. Go to application settings to scan the QR code. QR code remains valid for a limited period of time. Request a QR code again if this period is exceeded.

If you use more than one device for 2FA purposes, refer to the Manage Devices chapter

| Top |

Temporary Disable 2FA for Selected Computer

You can temporarily disable 2FA authentication for computers used to log into Management Console. Once you log in with 2FA enabled, select the Do not ask 2FA on this computer for check box, then select a period of 2FA inactivity (up to 1 hour).

| Top |