Enabling Multi-Factor Authentication (MFA) in Cloud

To increase the overall security of your Cloud site, it is possible to enable Multi-Factor Authentication (MFA). This extra security layer on top of your regular login will add further protection to your asset and user data stored in Cloud.

There are two ways to implement MFA. You can enable SSO in Cloud, in which case you can use the MFA options made available by your identity provider. Alternatively, you can use the MFA configuration that is built into Cloud itself.

Enabling MFA through the use of SSO

There is separate documentation on how to enable SSO in Cloud. By enabling SSO, you can log into Cloud using your preferred identity provider, Azure Active Directory for instance. You can then also enable and enforce MFA through the identity provider itself, ensuring a seamless login process.

Enabling MFA through Cloud itself

 

If you don't wish to enable MFA through the use of SSO, you can also enable MFA in Cloud itself. MFA can be enabled on an account level and your Cloud site can also be configured to require MFA. This article explains how to enable MFA for your individual account, and how to enforce it for your entire site.

Make sure to enable Multi-Factor Authentication for your individual user account before enforcing it in your Cloud site.

Enable Multi-Factor Authentication for an individual account

Before enabling MFA, make sure to have an authenticator app like Microsoft Authenticator or Google Authenticator installed on your mobile phone. Other authenticator apps should also work.

To enable MFA for the logged-in account, go to the Settings menu by clicking your profile image in the bottom left corner of the Cloud interface. Here, click Account settings. Switch on MFA as shown below. A QR code will be presented that you can scan with your preferred authenticator app.

Upon scanning the QR code, the account will be added to your authenticator app and a One-Time Password (OTP code) will be generated by the app. Fill in the OTP code presented by the app underneath the QR code.

Click Continue and you will be presented with a new window that shows a recovery key. Make sure to save the recovery key in a safe place and click Done. MFA is now enabled for your account.

In addition to your regular credentials, you will now be asked to generate an OTP code with the authenticator app when logging in. Alternatively, you can use the recovery key to log in. If you log in with a recovery key, a new key will be generated to replace the previous one.

Enforce Multi-Factor Authentication for all accounts linked to a site

To enforce MFA for all accounts that have access to your Cloud site, go to Configuration\Site settings and switch on MFA as shown below.

 

After confirming in the popup window, MFA will be enforced for the site. Any user trying to access the site will be forced to enable MFA first, before getting access. Each user can configure MFA in their own account settings as explained earlier in this article.

Related Articles

Get Started Right Away

Try Lansweeper for Free