Skip to main content

How can we help you?

Druva Documentation

Configure Multifactor Authentication

Note: The option will be available in planned phases starting from May 05, 2022.

Multifactor Authentication allows you to verify the administrator's identity by using a combination of two different authentication steps. It provides an additional layer of security when administrators access their accounts from any device and ensures that only authorized access is permitted.

At every login, the administrators across your organization are required to enter a time-based One Time Password (OTP) in addition to their login password.

The following methods are available to configure Multifactor Authentication. You can use either of them: 

Email-based Multifactor Authentication

The OTP is sent to the administrator's registered email address. Only an administrator who has a valid password and access to the OTP over the registered email address can access the account. 

Authenticator app-based Multifactor Authentication

The OTP is sent to the administrator's Authenticator app. Only an administrator who has a valid password, as well as access to the OTP through the authenticator app can access the account.

The following Authenticator Apps are certified by Druva:

  • Microsoft Authenticator
  • Google Authenticator
  • Authy
  • Duo
  • LastPass
  • Symantec VIP

Considerations 

  • To enhance account security, we have enabled Multifactor Authentication by default for all Druva administrators who have not configured Single Sign-On.

  • To ensure secure communication, do not disable Multifactor Authentication. In case you have disabled the setting and want to enable it, you need to re-configure Multifactor Authentication setting.

  • If you have already configured Single Sign-On for your organization, Multifactor Authentication will be applicable only to Failsafe Druva Cloud Administrator and not for all the administrators across your organization. 

  • Only a Druva Cloud Administrator can enable and disable the Multifactor Authentication for an organization.

Prerequisites 

  • Only a Druva Cloud Administrator can enable and disable the Multifactor Authentication for an organization.

  • Ensure that emails from Druva are not blocked through the IT policy in your organization.

  • An authenticator app is installed on the mobile devices of all the administrators who need to log in.

To configure Multifactor Authentication for your organization

  1. Go to the Global Navigation Panel > Druva Cloud Settings > Access Settings. The Access Settings window appears.

  2. In the Multifactor Authentication section, you can see that Email based OTP is enabled by default.
    undefined

  3. To change the Multifactor Authentication method, click Edit

  4. Select an authentication method.
    undefined

    • Email  Authentication configuration steps

      undefined
    • Authenticator App-based Authentication configuration steps
      undefined

  5. Upon successful authentication, the authentication method is enabled for your organization. All the administrators across your organization are notified with an email about the activation.

    • For Email  Authentication:
      At every next login, the administrators are required to authenticate themselves using the OTP they receive via email. 

    • For Authenticator App based Authentication:
      At the first login, the administrator needs to link to the authenticator app by scanning or entering a QR code in the authenticator app.
      At every next login, the administrators are required to authenticate themselves using the OTP they receive via the authenticator app. 

After successful configuration, note the numeric code or download the QR code pdf file for future reference if you need to change your phone or app.

Reset Authenticator App

In case, you have lost or forgotten your mobile device, or if your account is compromised, you can ask another administrator to reset your Authenticator App. When your Authenticator App is reset, you need to reconfigure your App with your Druva Account using the QR code displayed during your first login after reset.

Procedure

  1. In the left navigation, click Manage Administrators

  2. Click on the administrator name whose Authenticator App you want to reset. 

  3. Click on the menu button next to Edit and click Reset Authenticator App.

    undefined 

  4. In the confirmation dialog, click Continue. The App is reset. 

  5. Now, when the administrator logs in next time, they need to reconfigure the App.

    undefined

Frequently asked questions

What should I do if I change my mobile device or the authenticator app?

You can ask another administrator, to resent the Authenticator App. See, 

What if an administrator doesn’t receive OTP for email-based Multifactor Authentication?

You can use the backup codes. Administrators are sent a batch of ten backup codes on their registered email ID. Backup codes serve as a substitute for the OTP and should only be used when administrators are experiencing issues receiving OTP from Druva.  Edit section Edit section

  • A backup code, once utilized, cannot be reused. Ensure that backup codes must be used only when you are experiencing issues with receiving OTP from Druva.

  • It is recommended that you resolve the issues associated with the non-receipt of OTP from Druva.

Disable Multifactor Authentication 

In the Multifactor Authentication section, click Edit > Turn off the Enable Multifactor Authentication. The Disable Multifactor Authentication for administrators window appears. Enter the OTP that is sent to your registered email ID and click Verify.