Two-Factor Authentication
Two-Factor Authentication (2FA) is a security process that requires users to provide two distinct forms of identification to verify their identity.
To increase security, when signing in to the ESET Business Account portal, a One-time Password (OTP) is generated. A One-time Password (OTP) is a temporary, unique code used for authentication. When a user attempts to log in, an OTP is generated and sent to the user’s registered device or email. The user must type the OTP to verify their identity. You must provide it after you successfully authenticate using your general access credentials.
Enable Two-Factor Authentication
You can enable Two-Factor Authentication for companies or users.
Enable Two-Factor Authentication per company
Navigate to Settings > Security, and enable the Require Two-Factor Authentication for all users toggle.
Enable Two-Factor Authentication per user
Navigate to User management, click a username > Edit > Security and enable the Two-Factor Authentication toggle.
Users can enable their own Two-Factor Authentication in the profile by clicking your name > Edit > Security > enable the Two-Factor Authentication toggle.
Set up Two-Factor Authentication
If users activate Two-Factor Authentication, the setup process starts immediately. Users can continue or cancel the setup process. To continue, start with step 2 in the process below.
|
Activation process If you enable Two-Factor Authentication for all users and log out of ESET Business Account, you must complete the Two-Factor Authentication activation process on the next login attempt or your user account will be locked out of ESET Business Account. You cannot cancel the setup process. |
1.Click Setup.
2.If you want to use the ESET Secure Authentication mobile app, install and activate the ESET Secure Authentication mobile app.
3.To use a third-party authentication app, click Use a different authentication app. Two-Factor Authentication works with authentication clients that support the required TOTP protocol. We have tested the following client apps:
4.Open the ESET Secure Authentication mobile app, tap the + icon, and scan the QR code displayed in the ESET Business Account.
5.In the ESET Business Account, click Continue.
6.Generate a one-time password in the mobile app. If using ESET Secure Authentication mobile app, tap the button displaying your company name.
7.On the Enter One Time Password page, type the One-time Password in the blank field and click Authenticate.
8.Click Finish.
|
Backup codes After successfully activating Two-Factor Authentication, you will receive a set of backup codes in an email. You can use the backup codes if your mobile device where ESET Secure Authentication mobile app is activated is not available. Keep your backup codes safe. You can resend the backup codes to your email address from your ESET Business Accountprofile by clicking Send next to Send backup codes. As soon as you use the last backup code, you will receive a new set of 10 backup codes via email. If you lose your authentication device, contact Technical Support for assistance. |
Installation and activation of ESET Secure Authentication mobile app
1.In the ESET Business Account, click Activate via link.
2.Visit the displayed link and tap Add account.
3.You will get redirected to the app center of your mobile phone's operating system. Install the app.
4.Open the app, review the license agreement, and tap I accept.
5.We recommend setting a PIN to protect the mobile app from unauthorized access. To set your PIN, tap Yes when prompted, type your PIN into the New PIN, Confirm PIN fields, and then tap OK.
6.Click Continue to the ESET Business Account.
7.If a new token has not been added to the ESET Secure Authentication mobile app, tap the menu icon, and select Get Tokens.
8.Generate a One-time Password in the mobile app—Tap the button displaying your company name.
9.On the Enter code page, type the One-time Password in the blank field and click Authenticate.
10. Click Finish.
Remember my device
Users can authorize their device not to request Two-Factor Authentication for every login.
1.Log into ESET Business Account.
2.Generate a One-time Password in the mobile app. If using ESET Secure Authentication mobile app, tap the button displaying your company name.
3.Type the One-time Password in the blank field.
4.Select Remember my login on this device and click Log in.
Resend backup codes
If a user needs new backup codes for Two-Factor Authentication, the superuser can resend the backup codes as follows:
1.In the ESET Business Account, click User management.
2.Click the specific user and then click Edit.
3.Next to Send backup codes, click Send.
Forget all remembered devices
1.In the ESET Business Account, click a profile.
2.In the Security section, click Forget next to Forget all remembered devices.
Superusers can delete the list of all remembered devices for all user accounts.
|
Reset Two-Factor Authentication for the administrator or Superuser account Administrators (users with Write permission) cannot reset their Two-Factor Authentication setting. They have to ask the Superuser to do it. To reset Two-Factor Authentication for your superuser account, deactivate Two-Factor Authentication in your ESET Business Accountprofile, and activate it again. |
Deactivate Two-factor Authentication
If Two-Factor Authentication is enabled per company, all users must use it, and the user cannot deactivate it.
If Two-Factor Authentication is enabled per company but later disabled in Settings, it will remain active for registered users. Users can deactivate Two-Factor Authentication in their ESET Business Accountprofile.
|
Requirements to deactivate Two-Factor Authentication To deactivate Two-Factor Authentication, you must provide: •Your ESET Business Account portal password. •One-time Password or backup code if you click Use backup code in the dialog box. |