Two-Factor Authentication

Two-Factor Authentication (2FA) provides a more secure method to log into and access ESMC Web Console.

2FA is provided by ESET using ESET Secure Authentication technology. You do not need to deploy or install ESET Secure Authentication within your environment, as ESMC automatically connects to ESET servers to authenticate users who log into your ESMC Web Console.

Users with 2FA enabled will be required to log into ESET Security Management Center using ESET Secure Authentication.

For more information about product features and benefits, visit the ESET Secure Authentication product page.

There is no limit to the number of users who can log into ESMC via ESA 2FA.

HTTP Proxy settings are not applied for communication with Secure Authentication servers (2FA).

In ESMC 7.1 and later, you can enable 2FA also for the Administrator account.


To enable 2FA for another user's account, one needs to have Write permission over that user. Once enabled, a user needs to configure 2FA themselves before they can log in. Users will receive a link via text message (SMS), which they can open in their phone's web browser to view instructions for configuring 2FA.

2FA does not work without direct network access to ESET 2FA servers. Allowing at least specific 2FA servers in the firewall is necessary. If the proxy is set-up in the More > Server Settings > Advanced Settings > HTTP Proxy, it does not apply for the 2FA.



You cannot use users with 2FA for server assisted installations.

How to enable Two-Factor Authentication for a Web Console user?

1.Create a new user or use an existing one.

2.Navigate to More > Users in the ESMC Web Console.

3.Click the user and select Two-Factor Authentication > apply_defaultEnable.

4.Upon the user's next login, enter the user's phone number when prompted.

5.Install ESET Secure Authentication mobile app on the user's mobile phone using the link from SMS or QR code.

6.When the app is installed using the token, your ESMC instance is added in the app.

7.Proceed to login and enter the one-time password from the mobile app to the Web Console when prompted. A new password is generated in the mobile app for each login.