Two-factor authentication

To increase security when signing in to ESET Business Account (EBA) portal, a one-time password (OTP) is generated and must be supplied once the user has successfully authenticated using their general access credentials.

Two-factor authentication (2FA) can be enabled per company or per user.  



If you enable 2FA and log out from the EBA portal, on the next login attempt you must complete the 2FA activation process (you cannot cancel the process once started) or your user account will be locked out of the EBA portal.

Enable 2FA per company

a)Navigate to Dashboard, click Activate in the Activate the Two-Factor Authentication tile.

b)Navigate to Settings > Security, turn on Require Two-Factor Authentication for all users.

Enable 2FA per user

1.Navigate to User management, click a user, select Edit, scroll down and turn on Two-factor authentication.

2.Users themselves can enable 2FA in their profile by turning on Two-factor authentication.

Set up 2FA

Once 2FA is enabled in the application, the user will be required to set up 2FA on their next log in attempt.

Type in a mobile phone number and select a method of delivery for the download link, which is also the activation link of the ESET Secure Authentication (ESA) mobile app.


Backup codes

After successfully activating 2FA, you will receive a set of backup codes via email. You can use the backup codes if your mobile device on which the ESET Secure Authentication mobile app is activated is not available. Keep your backup codes safe. You can resend the backup codes to  your email address from your EBA profile by clicking Resend backup codes next to Two-factor authentication.

Installation and activation of mobile app

1.Visit the download link and tap Add account.

a.If you installed the application earlier without using the download link, but haven't used it yet, proceed to step 4.

2.When redirected to the application center of your mobile phone's operating system, install the application.

3.Open the application, review the license agreement and tap I accept.

4.We recommend that you set a PIN to protect the mobile application from unauthorized access. To set your PIN tap Yes when prompted, type your PIN into the New PIN and Confirm PIN fields and then tap OK.

5.Generate a one-time password by tapping the button displaying the company name of your EBA portal.

a.If no new token has been added to the ESA mobile app, tap the menu and select Get Tokens.


Deactivate two-factor authentication

If 2FA is enabled per company, all users are forced to use 2FA and it cannot be deactivated per user.

If 2FA was enabled per company, but later disabled in Settings, it will still remain active for users registered thus far. However, users can deactivate it in their profile.


Requirements to deactivate 2FA

To deactivate 2FA, you are required to provide:

1.Your ESET Business Account portal password.

2.One-time password, or backup code if you click Use backup code in the dialog.