Two-Factor Authentication (2FA)

The Two-Factor Authentication has been introduced for our subscription's users.

Overview

Two-factor authentication adds an extra layer of security and prevents access to your users' session even if someone knows their password.

A combination of two different factors is used to achieve a greater level of security:

1) something they know, a password.
2) something they have, a device - such as a smartphone - with an authentication app installed..

You can use one of the following authenticator apps to proceed. These apps are available across a wide range of platforms:
- Authy
- Google Authenticator
- Microsoft Authenticator

Each time a user sign in to its remote session it will need its password and a verification code available from its mobile phone. Once configured, the authenticator app will display a verification code to allow him or her to log in any time. It works even if its device is offline.

The 2FA codes generated are TOTP (time-based one time password), and therefore are for single use.

Therefore, it is not possible to reuse a 2FA code that has already been used. This prevents the theft and then the use of a 2FA code by observing the user while he enters his code.

Open Administration Console

First, to access the Administration Console, click on the "Administration" menu. You must be an administrator of your subscription.

Administration menu

Security

By enabling the 2FA in the Security tab, each user assigned to the same subscription will be able to login using 2FA.

Security Tab

Login using Two-factor Authentication

Once a user has signined with login and password, he or she will be able to configure it's 2FA using one of the available provider, by app or Email.

2FA Setup

Time Synchronization

2FA require both Remote Support server and client application share the same time. That's why Client devices should have time synchronization.

If an authentication request comes from a Device whose date and time are not synchronized this request may be rejected by Remote Support server.

The validation of information between the Device and the server relates to UTC time.

In the Two-Factor Authentication section, the code lifespan parameter is used to manage the period of validity of the code, in minutes.

2FA Discrepency

Validity since last session

The connection lifespan lets you define the duration of a 2FA session in hours. After this time period elapses, user will be required to signin again using their 2FA if he or she want to connect to a computer.

2FA Lifespan