Skip to main content

How can we help you?

Druva Documentation

Configure Multifactor Authentication

Multifactor Authentication allows you to verify the administrator's identity by using a combination of two different authentication steps. It provides an additional layer of security when administrators access their accounts from any device and ensures that only authorized access is permitted.

At every login, the administrators across your organization are required to enter a time-based One Time Password (OTP) in addition to their login password.

Supported Multifactor Authentication Methods

 Email-based Multi-factor Authentication will be discontinued soon for Public Cloud. If you are using this method, we strongly recommend you change it to Authenticator App-based Multifactor Authentication.

Method

Public Cloud

Hybrid Workloads Gov Cloud

inSync Gov Cloud

Authenticator App

The OTP is sent to the administrator's Authenticator app. 
The following Authenticator Apps are certified by Druva:

  • Microsoft Authenticator
  • Google Authenticator
  • Authy
  • Duo
  • LastPass
  • Symantec VIP

Yes 

Yes 

Planned

SMS

The OTP is sent to the administrator's registered mobile number. 

Yes 

No

No

Email

The OTP is sent to the administrator's registered email ID.

Yes

No

No

Prerequisites 

  • Only a Druva Cloud Administrator can enable and disable the Multifactor Authentication for an organization.
  • Ensure that emails from Druva are not blocked through the IT policy in your organization.
  • SMS-based Multifactor Authentication is not supported for Cuba, Iran, North Korea, Syria, and Sudan.

Configure Multifactor Authentication for your organization

  1. Go to the Global Navigation Panel > Druva Cloud Settings > Access Settings

  2. In the Multifactor Authentication section, click Enable

  3. Select an authentication method.

    • SMS-based Authentication configuration steps
      undefined

    • Authenticator App-based Authentication configuration steps
      image8.png

    • Email-based Authentication configuration steps
      undefined

  4. Upon successful authentication, the authentication method is enabled for your organization. All the administrators across your organization are notified with an email about the activation.

    • For SMS-based Authentication:
      At every next login, the administrators are required to authenticate themselves using the OTP they receive on their mobile devices. 

    • For Authenticator App-based Authentication:
      At the first login, the administrator needs to link to the authenticator app by scanning or entering a QR code in the authenticator app.
      At every next login, the administrators are required to authenticate themselves using the OTP they receive via the authenticator app. 

    • For Email  Authentication:
      At every next login, the administrators are required to authenticate themselves using the OTP they receive via email.

After successful configuration, note the numeric code or download the QR code PDF file for future reference if you need to change your phone or app.

Change the Multifactor Authentication method

To change your multifactor authentication method, you need to first disable the existing method and then enable the new method.

  1. In the Multifactor Authentication section, click Update.  
  2. Enter the OTP and click Verify & Disable. Multifactor Authentication is disabled for your organization. 
  3. In the Multifactor Authentication section, click Enable and configure the new method. 

Reset the Multifactor Authentication of another administrator 

In case, you have lost or forgotten your mobile device, or if your account is compromised, you can ask the Druva Cloud administrator to reset your Multifactor Authentication. 

  1. In the left navigation, click Manage Administrators
  2. Click on the administrator name whose authentication you want to reset. 
  3. Click on the menu button next to Edit and click Reset Multifactor Authentication.
  4. In the confirmation dialog, click Continue.
    • Authenticator App reset: For the first login after reset, reconfigure your App with your Druva account using the QR code displayed.
    • SMS reset: For the first login after reset, register your mobile number with your Druva account.

Frequently asked questions

What should I do if I change my mobile device or the authenticator app?

You can ask another DCP administrator, to reset the Multifactor Authentication. . 

What if an administrator doesn’t receive OTP for email-based Multifactor Authentication?

You can use the backup codes. Administrators are sent a batch of ten backup codes on their registered email ID. Backup codes serve as a substitute for the OTP and should only be used when administrators are experiencing issues receiving OTP from Druva.  Edit section Edit section

  • A backup code, once utilized, cannot be reused. Ensure that backup codes must be used only when you are experiencing issues with receiving OTP from Druva.
  • It is recommended that you resolve the issues associated with the non-receipt of OTP from Druva.
  • After all the ten codes are used by the administrators, a fresh set of ten new backup codes is auto-generated and emailed to all the administrators.Edit section