Secure access using two-factor authentication
Home » Features » Home >> Features >> Secure access using two-factor authentication

Two-Factor Authentication (TFA)

Recent security breaches around the world have called for the need to be more cautious about securing customer data in their environment. The majority of these breaches are due to compromised passwords and unused account privileges.

Since RMM Central plays a major role in managing the devices in a customer's network, we have enforced our customers to enable Two-Factor Authentication which provides an additional layer of security to validate the user's authenticity.

Enable Two-Factor Authentication

When you enable Two-Factor Authentication, all the users will be required to provide an additional security code to login and access RMM Central. To enable TFA,

  • Log in to RMM Central
  • Navigate to Admin tab -> User Administration -> Secure Authentication
  • Enable Authentication and choose the mode of authentication using which you want to be authenticated

Using an Authenticator App

The authenticator app can be Zoho OneAuth, Google Authenticator, MS Auth, DUO Auth, etc.

If you choose to use an authenticator app, please install the authenticator app on your smart phone and map the RMM Central server details to the authenticator app, which is a one time process. You can use the OTP generated on the app, as an additional layer of security, to login to RMM Central. OTP can be generated anytime, anywhere.

Here are the download links to a few commonly used authenticator apps:

Note:

  • TOTP code does not require any internet connection. All data is generated in the On-Premise server
  • If the user has deleted the RMM Central account on the authenticator app, then the user should contact the administrator to restore Two-Factor Authentication using the same app. Administrator can resend the QR code to restore the authenticator app from here: Admin -> User Management -> Actions (Under the appropriate user) -> Resend QR code

Using Email

When you choose email as a mode for two-factor authentication, the OTP will be generated by RMM Central and sent to the user's registered email address. User will have to use the OTP received in the email in addition to the regular password. User should have access to email, in order to access RMM Central server. Every generated OTP is valid for 15 minutes from the generation. You can save the OTP for specific browsers for (n) specified days.

FAQ

1. Can I disable TFA after it is enabled?

No. As a part of security enforcement, TFA cannot be disabled once it is enabled. However, you can contact RMM Central Support in any case of trouble with TFA.