This article applies to our On-Premise Appliance Filter and Firewall product only, not to Cloud.
Two Factor Authentication (also known as 2FA, Multi-Factor Authentication or MFA) enhances security by requiring a code generated on the Administrator’s device to access their account. This ensures that only authorised Administrators can log in, even if someone else has their password.
Before you begin
- Ask the Administrator to download an Authentication app that scans QR codes.
- Authentication Tokens expire, so you must ensure the time on the Authentication app and Smoothwall are the same. For help, see Set the time for Smoothwall On-Premise Appliance.
Switch 2FA on for an Administrator
To check if an Administrator has 2FA switched on, go to System > Administration > Administrative users and review the Current users table:
- A tick in the Allow Two Factor column means Two Factor authentication can be set up when the Administrator next signs in.
- A tick in the Enrolled into Two Factor column means the Administrator has set up Two Factor Authentication.
To switch on 2FA for them:
- Go to System > Administration > Administrative users.
- In the Current users section, select the user from the Mark column.
- Select Edit, and the user will be selected in the Add user section.
- Select the Allow Two Factor enrolment checkbox.
- Select Add.
The next time the user signs in to Smoothwall, they will be prompted to add the account to the Authentication app on their device.
Reset 2FA
If an Administrator can no longer log in because they no longer have access to the Authentication app, another Administrator must reset their 2FA.
- Go to System > Administration > Administrative users.
- In the Current users section, select the user from the Mark column.
- Select Edit, and the user will be selected in the Add user section.
- Clear the Allow Two Factor enrolment checkbox.
- Select Add.
- Switch 2FA on for the Administrator.