Multi-Factor Authentication (MFA) enhances security by requiring a code generated on the Administrator’s device to access their account. This ensures only authorised Administrators can log in, even if someone else has their password.
Before you begin
- Ask the Administrator to download an Authentication app that scans QR codes.
- Authentication Tokens expire, so you must ensure the time on the Authentication app and Smoothwall are the same. For help, see Set the time for Smoothwall On-Premise Appliance.
Switch MFA on for an Administrator
To check if an Administrator has MFA switched on, go to System > Administration > Administrative users and review the Current users table:
- A tick in the Allow Two Factor column means MFA can be set up when the Administrator next signs in.
- A tick in the Enrolled into Two Factor column means the Administrator has set up MFA.
To switch on MFA for them:
- Go to System > Administration > Administrative users.
- In the Current users section, select the user from the Mark column.
- Select Edit, and the user will be selected in the Add user section.
- Select the Allow Two Factor enrolment checkbox.
- Select Add.
The next time the user signs in to Smoothwall, they will be prompted to add the account to the Authentication app on their device.
Reset MFA
If an Administrator can no longer log in because they no longer have access to the Authentication app, another Administrator must reset their MFA.
- Go to System > Administration > Administrative users.
- In the Current users section, select the user from the Mark column.
- Select Edit, and the user will be selected in the Add user section.
- Clear the Allow Two Factor enrolment checkbox.
- Select Add.
- Switch MFA on for the Administrator.