Configuring Multi-Factor Authentication

In this article

    Multi-factor authentication (MFA) in Veeam Backup for AWS is based on the Time-based One-Time Password (TOTP) method that requires users to verify their identity by providing a temporary six-digit code sent by an authentication application to a trusted device.

    Important

    You cannot enable MFA for a user account whose user identity was obtained from an identity provider.

    Enabling MFA

    To enable MFA for a user account, do the following:

    1. Switch to the Configuration page.
    1. Navigate to Accounts > Portal Users.
    1. Select the user account and click Enable MFA.
    2. Follow the instructions provided in the MFA Settings window:
    1. Install an authentication application on a trusted device.

    Important

    Only Google Authenticator is fully supported by Veeam Backup for AWS.

    1. To associate the authentication application with the authorization server, scan the displayed QR code using the camera of the trusted device.
    2. Enter a verification code generated by the authentication application.
    3. Click Apply.

    MFA Settings

    Disabling MFA

    To disable MFA for a user account, select the account on the Portal Users tab and click Disable.