Enabling Multi-Factor Authentication

In this article

    Multi-factor authentication (MFA) in Veeam Backup for Microsoft Azure is based on the Time-based One-Time Password (TOTP) method that requires the user to verify the user identity by providing a temporary six-digit code generated by an authentication application running on a trusted device.


    Consider the following limitations:

    • You cannot enable MFA for a user account whose user identity was obtained from an identity provider.
    • Only users with Portal Administrator role assigned can edit MFA settings for another users.

    To enable MFA for a user accessing Veeam Backup for Microsoft Azure as a Backup Administrator, do the following:

    1. Switch to the Configuration page.
    2. Navigate to Accounts > Portal Users.
    3. Select the account and click Enable MFA.
    4. In the MFA Settings window, do the following:
    1. Install a supported authentication application on a trusted device. To view the list of authentication applications supported by Veeam Backup for Microsoft Azure, click See a list of compatible applications.

    You can use any application that supports the TOTP protocol.

    1. Scan the displayed QR code using the camera of the trusted device.

    You can also provide a secret code that you can find in the Alternatively, type in the secret code field if you do not want to scan the QR code.

    1. In the Type the received MFA code field, enter a verification code sent by the authentication application.
    1. Click OK.



    Each user from the Portal Users page can enable or disable multi-factor authentication for other users.


    Enabling MFA Settings