Configuring Multi-Factor Authentication
Multi-factor authentication (MFA) in Veeam Backup for AWS is based on the Time-based One-Time Password (TOTP) method that requires the user to verify the user identity by providing a temporary six-digit code sent by an authentication application to a trusted device.
You cannot enable MFA for a user account which user identity was obtained from an identity provider.
To enable MFA for a user account, do the following:
- Switch to the Configuration page.
- Navigate to Accounts > Portal Users.
- Select the user account and click Enable MFA.
- Follow the instructions provided in the MFA Settings window:
- Install an authentication application on a trusted device.
Only Google Authenticator is fully supported by Veeam Backup for AWS.
- To associate the authentication application with the authorization server, scan the displayed QR code using the camera of the trusted device.
- Enter a verification code generated by the authentication application.
- Click Apply.
To disable MFA for a user account, select the account on the Portal Users tab and click Disable.