Two-Factor Authentication

Two-Factor Authentication (2FA) is a security process that requires users to provide two distinct forms of identification to verify their identity.

To sign in to ESET PROTECT Hub, a user logs in with their general access credentials. After a successful authentication, a One-time Password (OTP) is generated to increase security. A One-time Password (OTP) is a temporary, unique code used for authentication. When a user attempts to log in, an OTP is generated and sent to the user's registered device or email. The user must provide the OTP to verify their identity.

Enable Two-Factor Authentication

You can enable Two-Factor Authentication for companies or users.

Enable Two-Factor Authentication per company

1.Navigate to Admin Settings > Security.

2.Enable the Require Two-Factor Authentication for all users toggle.

Enable Two-Factor Authentication per user

1.Navigate to Users.

2.Click a desired username.

3.Click the Edit button at the bottom.

4.In the Security settings tab, enable the Two-Factor Authentication toggle.

5.Click Save.

Users can also enable their own Two-Factor Authentication by following the steps above.

Set up Two-Factor Authentication

If users activate Two-Factor Authentication, the setup process starts immediately. Users can continue or cancel the setup process. To continue, start with step 2 in the process below.

1.Click Setup.

2.To use ESET Secure Authentication mobile app, install and activate ESET Secure Authentication mobile app.

3.Open ESET Secure Authentication mobile app, tap the Add account button.

4.Scan the QR code displayed in the Set up ESET Secure Authentication window in ESET PROTECT Hub. If you cannot scan the QR code, click Can't scan the QR code in the ESET PROTECT Hub setup window. Open the provided link on your mobile device and follow the instructions.

5.In ESET PROTECT Hub, click Continue.

6.Generate a One-time Password in the mobile authentication app. If using ESET Secure Authentication mobile app, tap the button displaying your company name.

7.In ESET PROTECT Hub, in the Enter One-time Password window, type the One-time Password in the blank field. Click Authenticate.

8.A Setup was successful window will appear. This window contains a link to generate and save backup codes.

9.Click generate and save backup codes. Download or print the backup codes displayed in the New backup codes window.

10. When you have saved and stored your backup codes, click Close. You will receive an email confirming the activation.

Installation and activation of ESET Secure Authentication mobile app

1.In ESET PROTECT Hub, click Activate via link.

2.Visit the displayed link and tap Add account.

3.You will be redirected to your mobile phone's app center. Install the app.

4.Open the app, review the license agreement and tap I accept.

5.We recommend setting a PIN to protect the mobile app from unauthorized access. To set your PIN, tap Yes when prompted, type your PIN into the New PIN field, Confirm PIN fields and tap OK.

6.Click Continue to go to ESET PROTECT Hub.

7.If a new token has not been added to the ESET Secure Authentication mobile app, tap the menu icon and select Get Tokens.

8.Generate a One-time Password in the mobile authentication app. Tap the button displaying your company name.

9.On the Enter code page, type the One-time Password in the blank field and click Authenticate.

10. Click Finish.

Generate new backup codes

1.In ESET PROTECT Hub, click the username field in the top corner to access your profile.

2.In the Security settings tab, click Generate new codes.

3.The New backup codes window will appear. Type your ESET PROTECT Hub portal password in the blank field and click Authenticate.

4.Generate a One-time Password in the mobile authentication app. If using ESET Secure Authentication mobile app, tap the button displaying your company name. Alternatively, type a backup code if you click Use backup code in the dialog box.

5.In ESET PROTECT Hub, in the Enter One-time Password window, type the One-time Password in the blank field. Click Confirm.

6.A window with a new set of backup codes will appear. Download or print the backup codes displayed in the New backup codes window.

7.When you have saved and stored your backup codes, click Close.

Remember my device

Users can authorize their device not to request Two-Factor Authentication for every login.

1.Log in to ESET PROTECT Hub.

2.Generate a One-time Password in the mobile authentication app. If using ESET Secure Authentication mobile app, tap the button displaying your company name.

3.Type the One-time Password in the blank field.

4.Select Remember my login on this device and click Log in.

Forget all remembered devices

1.In ESET PROTECT Hub, click Admin settings.

2.In the Security section, click Forget next to Forget all remembered devices.

A superuser can delete the list of all remembered devices for all user accounts.

Deactivate Two-Factor Authentication

If Two-Factor Authentication is enabled per company, all users must use it and cannot deactivate it.

If Two-Factor Authentication is enabled per company but later disabled in Admin Settings, it will remain active for registered users. In that case, users can deactivate Two-Factor Authentication in their ESET PROTECT Hub profile.

Deactivate Two-Factor Authentication per user

1.Navigate to Users.

2.Click a desired username.

3.Click the Edit button at the bottom.

4.In the Security settings tab, disable the Two-Factor Authentication toggle.

5.Click Save.

6.The Disable Two-Factor Authentication window will display. Type your ESET PROTECT Hub portal password. Click Disable.

7.To confirm the change, type the One-time Password generated by your Two-Factor Authentication app. Alternatively, type a backup code if you click Use backup code in the dialog box.

8.Click Confirm.

9.A notification Two-Factor Authentication disabled will appear in the top corner. You will receive an email confirming the deactivation.

10. If you want to enable Two-Factor Authentication per user again, follow these steps.

˄˅