2-Factor Authentication

Exciting news! Our ConnectBooster Support documentation is moving to a new location. Be sure to bookmark the new link below.

https://help.cb.kaseya.com/help/Content/0-HOME/Home.htm

2-Factor Authentication for Internal Users

This function allows you to further secure your ConnectBooster account login via one-time use, rotating authentication codes. 

Organizations' logins are NOT affected with these setup steps. However, ALL "Internal Users" under Configurations + Internal Settings will be forced to enroll.


Setup Instructions

Our 2-factor uses the standard time-based One-Time Password algorithm (TOTP). This means you may use the "Authenticator" style app of your choosing, if the protocol is supported.

Known mobile apps supporting OTP that have been tested:

  1. Duo Mobile
  2. Microsoft Authenticator
  3. Google Authenticator
  4. Authy

The first login via your standard username/password will begin the enrollment process. This will be a requirement for ALL Internal Users.

After initial successful login, you will be prompted to scan a QR Code. Scan with a supported authentication app of your choosing. Some applications may require a label, or "friendly name".

Ex., use the "Add Account" & Scan QR Code option in Authy:

Save and enter a friendly name to refer to your ConnectBooster portal.

Enter the first code displayed via your authenticator app, and select enter.



After initial setup, subsequent login attempts will simply require to enter your rotating code going forward.

Congratulations, that's it! Your account is now protected via 2-factor authentication.

NOTE: If you decide to later turn this off and re-enable in the future, all previously configured users will need to follow the QR Code enrollment steps again.


Troubleshooting

If you or another team member needs to go through the "enrollment" QR Code process again (ex., a new mobile device),  another Master Admin can do a "RESET" option under the given Internal User account. This ONLY resets the account in question. 

This does NOT force all other Internal Users to do the enrollment process again.

If your specific Internal User account is the only "Master Admin", and you are locked out, you will need to reach out to [email protected] for an account reset.