Two-factor authentication

To increase security when signing in to the ESET Business Account (EBA) portal, a one-time password (OTP) is generated and must be supplied once the user has successfully authenticated using their general access credentials.

Two-factor authentication (2FA) can be enabled per company or per user.  

note

Note

If you enable 2FA and log out from the EBA portal, on the next login attempt you must complete the 2FA activation process (you cannot cancel the process once it has started) or your user account will be locked out of the EBA portal.

Enable 2FA per company

a)Navigate to the Dashboard and click Activate in the Activate the Two-Factor Authentication tile.

b)Navigate to Settings > Security, and enable the slider bar next to Require Two-Factor Authentication for all users.

Enable 2FA per user

1.Navigate to User management, click a user, select Edit, scroll down and enable the slider bar next to Two-factor authentication.

2.Users can enable 2FA in their own profile by turning on Two-factor authentication.

Set up 2FA

Once 2FA is enabled in the application, the user will be required to set up 2FA on their next login attempt.

1.Click Setup.

2.If you do not have the ESET Secure Authentication (ESA) mobile app installed, install and activate the ESA mobile app.

3.Open the mobile app, tap the + icon and scan the QR code displayed in the EBA portal page.

4.In the EBA portal, click Continue.

5.Generate a one-time password in the mobile app. (Tap the button displaying the company name of your EBA portal).

6.On the Enter code page, enter the one-time password in the blank field and click Authenticate.

7.Click Finish.

important

Backup codes

After successfully activating 2FA, you will receive a set of backup codes in an email. You can use the backup codes if your mobile device where ESET Secure Authentication (ESA) mobile app is activated is not available. Keep your backup codes safe. You can resend the backup codes to  your email address from your EBA profile by clicking Resend backup codes next to Two-factor authentication.

Installation and activation of mobile app

1.In the EBA portal, click Activate via link.

2.Visit the displayed link and tap Add account.

3.When redirected to the application center of your mobile phone's operating system, install the application.

4.Open the application, review the license agreement and tap I accept.

5.We recommend that you set a PIN to protect the mobile application from unauthorized access. To set your PIN tap Yes when prompted, type your PIN into the New PIN and Confirm PIN fields and then tap OK.

6.Click Continue in the EBA portal page.

7.Generate a one-time password in the mobile app. (Tap the button displaying the company name of your EBA portal).

a.If a new token has not been added to the ESA mobile app, tap the menu icon and select Get Tokens.

8.On the Enter code page, enter the one-time password in the blank field  and click Authenticate.

9.Click Finish.

 

Deactivate two-factor authentication

If 2FA is enabled per company, all users are forced to use 2FA and it cannot be deactivated per user.

If 2FA was enabled per company, but later disabled in Settings, it will still remain active for users registered thus far. However, users can deactivate it in their profile.

note

Requirements to deactivate 2FA

To deactivate 2FA, you are required to provide:

1.Your ESET Business Account portal password.

2.One-time password, or backup code if you click Use backup code in the dialog.