Skip to main content
Bahasa Indonesia Bălgarski Čeština Cymraeg Cрпски Dansk Deutsch Eesti keel English (UK) Español Français Gaelic Hrvatski Íslenska Italiano Latviešu valoda Lietuvių kalba Magyar Malti Nederlands Norsk Polski Português (Brasil) Português (Europeu) Pусский Română Slovenčina Slovenian Suomen Kieli Svenska Tiếng Việt Türkçe Ελληνικά македонски الإنجليزية فارسی 日本語 英语(美国) 영어
Contact Us

New to Deskpro Support? Register for an account

Need a password reminder?
icon
Integrations

Agent Two-Factor Authentication (2FA)

in Authentication and SSO
Authors list
Published: Jul 19, 2022|Last updated: Sep 25, 2023

You can enable Two-Factor Authentication on your helpdesk. This stengthens the access security of your helpdesk by requiring two methods of authentication for login.

To enable 2FA, go to Agents > Auth & SSO and click Manage:

2FA.png

There are two methods of 2FA you can set up on the helpdesk, Email 2FA and TOTP Service.

Screenshot 2022-08-09 at 11.40.08.png

TOTP ServiceCopy link to TOTP Service to clipboard

If you enable the toggle TOTP Service, this will allow your agents to set up 2FA themselves through their preferences

Note


Your agents will need an authentication app or service to be able to enable 2FA on their account via this method.

Once enabled, your agents will be presented with the option to set up 2FA from Agent Preferences > Security. They can either scan the QR code, if they are on a mobile device, or enter the passphrase into their authenticator app which will then enable 2FA on their account.

Email 2FACopy link to Email 2FA to clipboard

If you enable Email 2FA your Agents will be able to set up 2FA with email verification when they log in. Agents can authenticate themselves by entering the One-Time Password sent to them.

You can also set 2FA up for your Agents in Agents > Agent Profiles. If you set it up this way, the Agent will need access to the QR code or verification number associated with their account.

Warning


If you only enable TOTP Service or Email 2FA, then agents will not be required to set up 2FA for their account.

If you want to make Two-Factor Authentication mandatory for all agents you need to enable Require agents to set up 2FA.

You can also enable 2FA for specific agents in the helpdesk, you do this through Agents > Agent Profiles in the 2FA tab and switch on the toggle Enforce 2FA.

enforce.png

Managing 2FA Copy link to Managing 2FA to clipboard

If you make 2FA mandatory for all agents, enable Require agents to set up 2FA. When this is enabled, all agents will be required to set up 2FA at their next login.

You can also apply a Grace Period, this will give agents the option to skip setting up 2FA at login until the date you have specified.

grace period.png

After the Grace Period has passed, agents will be required to set up 2FA to log into their account.

Removing 2FACopy link to Removing 2FA to clipboard

In the event an agent loses access to their authentication app (if they lose or break their phone, or get locked out of their auth app) Admins have the ability to remove 2FA from their account. This is managed through the agent profile, go to the 2FA tab and click Remove.

remove 2fa.png

This will remove 2FA from that agent's account, an admin or the agent could then reapply 2FA if required.

HelpfulUnhelpful

0 of 1 people found this page helpful

next pageJSON Response of a Webhook as Variablesprevious pageOpenID Connect Setup

Please log in or register to submit a comment.

Page sections