Desktop
2 Factor Authentication
2 Factor Authentication is an important security feature that adds an extra layer of security to your account. This guide will help you to enable 2FA on your account.
To enable 2FA on your server this can be done by our support team. Otherwise you can enable it yourself by following the steps below which will guide you through the process.
We will be putting together a guide using Duo Security. Duo Security is a 2FA provider that is free for personal use with business plans and is very easy to setup.
Step 1 - Setup Duo Security
1
Step 1 - Sign up for Duo Security
- To get started you will need to sign up for a Duo Security account.
- You can do this by visiting https://signup.duo.com/.
2
Step 2 - Log into your account
- Once you have signed up for an account you will need to access your Duo Admin Panel.
3
Step 3 - Add a new application
- Click
Protect an Applicationand locate the entry forMicrosoft RDPin the applications list. - Click
Protectto the far-right to configure the application and get yourintegration key,secret key, andAPI hostname. - You’ll need this information to complete your setup.
- See Protecting Applications for more information about protecting applications in Duo and additional application options.
4
Step 4 - Configure Duo Security
- We recommend setting the New User Policy for your Microsoft RDP application to
Deny Access, because no unenrolled user may complete Duo enrollment via this application.
5
Step 5 - Offline Access
- If you’d like to enable offline access with Duo MFA you can do that now in the “Offline Access Settings” section of the Duo application page, or return to the Admin Panel later to configure offline access after first verifying logon success with two-factor authentication.
6
Step 6 - Download the Duo Authentication for Windows Logon installer package
- Download the Duo Authentication for Windows Logon installer package.
- View checksums for Duo downloads here.
Treat your secret key like a password
The security of your Duo application is tied to the security of your secret key (skey). Secure it as you would any sensitive credential. Don’t share it with unauthorized individuals or email it to anyone under any circumstances!