This article describes two-factor authentication for Datto Network Manager.
- Datto Network Manager
Note: This feature requires our User Management System to be enabled first. If your account login’s menu (at the top-right of the dashboard) doesn’t have a “My Settings” drop-down visible, you’ll need to Migrate your existing Master Account to User Management (UM) before you’ll be able to configure Two-Factor Authentication (2FA).
The User Management system has increased CloudTrax's security and accountability. Users under the UM system will now have the ability to add an additional layer of security in the form of 2-Factor Authentication (2FA). Like withdrawing money from an ATM, 2FA requires both a password (pin number) and a verified device (Debit Card) to access your account.
Add 2FA to your account:
2. From the User drop-down in CloudTrax, choose "My Settings"
3. Enable two-factor authentication
4. Add your Device to the list
5. Add an account in Google Authenticator or Authy
6. Scan the QR Code shown in CloudTrax with your authentication app
7. You will see your device added to your list and will see an entry for CloudTrax in your Authentication app.
8. Save changes in CloudTrax
9. Logout from CloudTrax and log back in. After you enter your password you will be prompted for the six-digit code shown in your Authentication app.
- The app generates a new code every 30 seconds based on the secret that was shared with it (qr code)
- The six-digit code is time based, so if your device's clock is wrong, the app will generate an incorrect key
- After 20 attempts your account will become locked. You will need to contact your administrator to disable and re-enable 2FA on your account to reset the attempt counter.