Online Help > Web Interface > Administration > Configuration > Password Server Settings > Security

Two-Factor

Description

 

BadgeInfo48x48

This feature is only available with Devolutions Password Server Enterprise or Platinum licenses.

 

Configure Two-Factor Authentication in Devolutions Password Server to add an extra layer of security to the application.

Devolutions Password Server supports 9 types of 2FA. You can configure a default 2FA type for your entire organization or configure 2FA by user. When 2FA is configured, users log in with their username/password as well as a 2FA product.

 

How to Configure 2FA from the Web Interface

 

Settings

 

1.To access the 2FA configuration, click Administration – Password Server Settings – Two-Factor

2.Choose how you want to enforce two-factor authentication in 2FA usage.

 

OPTION

DESCRIPTION

None

2FA is not enforced.

Optional per user

2FA is enforced on an individual basis. The administrator chooses who uses 2FA and what product or technology they use.

 

Choose this option if not all users are set up for two-factor authentication.

Required

2FA is enforced for all users. A default 2FA type is set for all users.

 

3.Select who receives 2FA reset requests from users. You can choose to send the email to all Devolutions Password Server administrators or a specific email.

4.If you chose to send reset requests to an email address instead of the Devolutions Password Server administrators, enter the email address in specific email.

5.Select the 2FA types users can authenticate with. Choose as many as necessary.

Supported 2FA methods include:

Google Authenticator

Yubikey

Email

SMS

DuoSafeNet

AuthAnvil

Radius

Vasco

6.If you chose 2FA usage as Required in step 3, choose the Default 2FA type.

7.Select alternate ways to log in. These options will be offered when users do not have access to the usual method.

 

Administration - Server Settings - Two-Factor

Administration - Server Settings - Two-Factor

 

8. When 2FA usage is set to Optional per user, the 2FA method must be configured in Administration – Users – Two Factor for each user. You can also set a 2FA type on the user if they are using a product different than the default method. See Edit Users for more information.

 

Edit User - Two Factor

Edit User - Two Factor