Multi-factor authentication
Configuration: DOC -> User account in the taskbar-> Multi-factor authentication
For a more secure login procedure at the DOC, you can set up a multi-factor authentication method (MFA). A common authenticator app (e.g. on a smartphone) is required to generate a time-based one-time password (TOTP).
User side:
Users can select a convenient MFA method and manage it. They can also delete or deactivate it. In addition, they can specify that they are no longer asked for a code on a particular device for their particular login method (only again after 90 days).
To activate the MFA, users proceed as follows:
-
Open the menu under your account and select the Multi-factor authentication option.
-
The Existing methods dialog opens. To configure a new MFA, click
and follow the instructions in the dialog that follows.
Once the MFA is enabled, logging in to the DriveLock Management Console (DMC) with the same user is no longer possible. Note that this does not affect editing policies via the DOC.
On the administrator side:
Administrators can see which users have MFA enabled and can also disable it in an emergency.
Audit events are generated for the MFA actions to ensure they can be traced.