How to Configure Two-Factor Authentication (2FA) for the CrowdStrike Falcon Console
Summary: Learn how to configure two-factor authentication (2FA) for the CrowdStrike Falcon Console by following these instructions for Windows, Mac, or Linux.
Symptoms
This article covers two-factor authentication (2FA) requirements and configuration for the CrowdStrike Falcon Console.
Two-factor authentication (2FA) is a type of multi-factor authentication (MFA). MFA is used to require a user to confirm their identity by using multiple factors. 2FA uses two factors to identify the user. Requiring multiple factors to authenticate a user helps keep guarded information safe from malicious threat actors. CrowdStrike requires 2FA by default, and it cannot be disabled to help protect your environment.
Affected Products:
- CrowdStrike
Affected Operating Systems:
- Windows
- Mac
- Linux
Cause
Not applicable
Resolution
2FA Client Support
The CrowdStrike Falcon Console should be compatible with any RFC 6238 (https://datatracker.ietf.org/doc/html/rfc6238
Examples of RFC 6238 TOTP clients:
| 2FA Client | iOS | Android | Windows | Mac | Linux | Internet Browser |
|---|---|---|---|---|---|---|
| Google Authenticator | Yes | Yes | No | No | No | None |
| 1Password | Yes | Yes | Yes | Yes | No | None |
| Duo | Yes | Yes | No | No | No | None |
| Authy | Yes | Yes | Yes | Yes | No | Chrome |
| Token2 | Yes | Yes | No | No | No | None |
| Wikid | Yes | Yes | Yes | Yes | Yes | Chrome |
| Microsoft Authenticator | No | No | No | No | No | None |
| Oathgen | No | No | Yes | Yes | No | None |
| Authenticator | No | No | Yes | Yes | No | Chrome |
| Firekey | No | No | No | No | No | Chrome |
Learn more about CrowdStrike 2FA Setup or learn about how to Reset CrowdStrike 2FA. Click the appropriate process for more information.
- In a Google Chrome or Microsoft Edge browser, go to your Falcon console login URL.
- Falcon US-1: https://falcon.crowdstrike.com/login/
- Falcon US-2: https://falcon.us-2.crowdstrike.com/login/
- Falcon EU-1: https://falcon.eu-1.crowdstrike.com/login/
- Falcon US-GOV-1: https://falcon.laggar.gcw.crowdstrike.com/login/
- Falcon US-1: https://falcon.crowdstrike.com/login/
- Populate the CrowdStrike account holder’s credentials, and then click Log In.
- Scan the QR code with your time-based one-time password (TOTP) client.
- In the TOTP client, document the Verification Code.
- The TOTP client layout may differ in your environment.
- In the example, 216726 is the Verification Code.
- The Verification Code may also be referred to as the CrowdStrike 2FA code.
- In the CrowdStrike Falcon Console user interface (UI), populate the Verification Code and then click Setup 2FA.
- Accept CrowdStrike’s Terms of Service.
- The CrowdStrike Falcon Console administration access is required to reset a user’s 2FA.
- If administration access is unavailable, reach out to Dell support. For more information, reference Dell Data Security International Support Phone Numbers.
- In a Google Chrome or Microsoft Edge browser, go to your Falcon console login URL.
- Falcon US-1: https://falcon.crowdstrike.com/login/
- Falcon US-2: https://falcon.us-2.crowdstrike.com/login/
- Falcon EU-1: https://falcon.eu-1.crowdstrike.com/login/
- Falcon US-GOV-1: https://falcon.laggar.gcw.crowdstrike.com/login/
- Falcon US-1: https://falcon.crowdstrike.com/login/
- Populate the CrowdStrike account holder’s credentials, and then click Log In.
- In the CrowdStrike Falcon Console, click the three bars icon in the upper left, click Host setup and management, and then select the User management app.
- Locate the user, click the five-pin button, and then select Reset multi-factor authentication.
- Click Reset MFA.
- Have the user go through the Setup tab process.
To contact support, reference Dell Data Security International Support Phone Numbers.
Go to TechDirect to generate a technical support request online.
For additional insights and resources, join the Dell Security Community Forum.