- Notes, cautions, and warnings
- Preface
- Introduction
- Getting Started
- Storage and Applications
- Policies and Copies
- Monitoring
- Performing a PowerProtect Data Manager Recovery with Cyber Recovery
- Recovering PowerProtect Data Manager data
- Meeting prerequisites for a PowerProtect Data Manager recovery
- Initiating a PowerProtect Data Manager recovery in the Cyber Recovery UI
- Running a PowerProtect Data Manager recovery check
- Cleaning up after a PowerProtect Data Manager recovery
- Performing postrecovery steps for a PowerProtect Data Manager recovery
- Administration
- Administration overview
- Manually securing and releasing the Cyber Recovery vault
- User roles
- Managing users
- Managing login sessions
- Setting up an email server
- Managing Cyber Recovery password expiration
- Resetting Cyber Recovery passwords
- Resetting the IP address on the management host
- Updating the SSL security certificate
- Configuring a daily activity report
- Configuring a telemetry report
- Changing time zones
- Changing the log level
- Collecting logs for upload to support
- Log file rotation
- Protecting the Cyber Recovery configuration
- Retrieving your preserved Cyber Recovery configuration
- Deleting unneeded Cyber Recovery objects
- Cyber Recovery disaster recovery
- Troubleshooting
PowerProtect Data Manager 19.11 Cyber Recovery User Guide
Enabling multifactor authentication
After initial login to the Cyber Recovery UI, optionally enable multifactor authentication to provide added protection for the Cyber Recovery environment.
Prerequisites
From the Internet, download any authenticator application. Examples of authenticator applications include, but are not limited to, the following:
- Google Authenticator
- Authy
- Duo Mobile
- LastPass Authenticator
An authenticator application generates a one-time security code over an interval of time to provide two-step verification to authenticate Cyber Recovery users. The Cyber Recovery software requires a six-digit security code.
About this task
Users must enable multifactor authentication for their own accounts. Multifactor authentication is not available to Dashboard users. The Security Officer (crso) cannot enable multifactor authentication for other users, but can disable it for all users.
NOTE
- Multifactor authentication is a time-based security mechanism. The Cyber Recovery host time cannot differ from the authenticator time by more than one minute (plus or minus). If the time differs by more than +60 seconds or -60 seconds, multifactor authentication is not enabled.
- If you enable multifactor authentication and then are unable to provide the security code, you cannot log in to your Cyber Recovery account. Contact the Security Officer (crso) to disable multifactor authentication for your account, and then enable multifactor authentication again when you can log in.
- As the Security Officer (crso), if you enable multifactor authentication and then are unable to provide the security code, use the crsetup.sh script to change the Security Officer (crso) password. When you change the password, multifactor authentication is disabled.
- Integrated Data Protection Appliances deployments do not support multifactor authentication.
Steps
- Download and install the authenticator application on your mobile device or computer.
- From the Masthead Navigation, open the drop-down list next to the person icon.
-
Click
Multi-Factor Authentication.
The setup page is displayed.
- Swipe right on the slider to enable the multifactor authentication.
-
Do one of the following:
- Use the device camera to scan the QR code on the setup page to provide the security key.
- If your use of mobile devices or cameras is restricted, click Show Secret Key to view the security key and then enter it into the authenticator.
-
Enter two consecutive security codes:
- In the Security Code 1 field, enter the first security code that the authenticator generates.
- In the Security Code 2 field, enter the next security code that the authenticator generates.
If you enter nonconsecutive security codes, multifactor authentication is not enabled. Wait for the authenticator to generate a new security code and ensure that you enter the next consecutive security code. -
Click
Save.
For subsequent logins, the Cyber Recovery software prompts for a security code in addition to a username and password.
-
To disable multifactor authentication, swipe left on the slider.
The Security Officer (crso) and the Admin user, whose multifactor authentication is disabled, receive an email message that indicates that multifactor authentication is disabled. If multifactor authentication for the Security Officer (crso) is disabled, only the Security Officer (crso) receives an email message.
Please provide ratings (1-5 stars).
Please provide ratings (1-5 stars).
Please provide ratings (1-5 stars).
Please select whether the article was helpful or not.
Comments cannot contain these special characters: <>()\