Enabling Multi-Factor Authentication
Multi-factor authentication (MFA) in Veeam Backup for Microsoft Azure is based on the Time-based One-Time Password (TOTP) method that requires the user to verify the user identity by providing a temporary six-digit code generated by an authentication application running on a trusted device.
You cannot enable MFA for a user account which user identity was obtained from an identity provider.
To enable MFA for a user accessing Veeam Backup for Microsoft Azure as a Backup Administrator, do the following:
- Switch to the Configuration page.
- Navigate to Accounts > Portal Users.
- Select the account and click Enable MFA.
- In the MFA Settings window, do the following:
- Install a supported authentication application on a trusted device. To view the list of authentication applications supported by Veeam Backup for Microsoft Azure, click See a list of compatible applications.
You can use any application that supports the TOTP protocol.
- Scan the displayed QR code using the camera of the trusted device.
You can also provide a secret code that you can find in the Alternatively, type in the secret code field if you do not want to scan the QR code.
- In the Type the received MFA code field, enter a verification code sent by the authentication application.
- Click OK.
Each user from the Backup Admins page can enable or disable multi-factor authentication for other users.