Two-Factor Authentication (2FA) can only be enabled when the Advanced Password Policy is active.
The administrator can choose whether users are allowed to enable 2FA themselves or whether it must be enforced for all users.
When 2FA is mandatory, users cannot disable it and must complete the configuration before they can access the portal.
This provides an additional layer of protection, ensuring that accounts remain secure even if login credentials are compromised.
Supported Authentication Methods
The system supports the following authentication methods:
| Method | Description |
|---|---|
| Authenticator App | Generates temporary verification codes using compatible applications such as Google Authenticator or Microsoft Authenticator. |
| Recovery Codes | Twenty single-use recovery codes that can be used if the authentication app is unavailable. |
| Trusted Device | Allows users to remember a trusted device for 30 days, preventing the system from requesting the second authentication factor at every login. |
Was this helpful?
0 / 0