Why do you need Secured Login
Secured Login is a two-factor authentication method to verify the administrator's identity by using a combination of two different authentication steps. It provides an additional layer of login security when administrators access their accounts from any device and ensures that only authorized access is permitted.
With Secured Login enabled (default setting) for your Druva account, at every login, the administrators across your organization are required to enter a time-based One Time Password (OTP) in addition to their login password. The OTP is sent to the administrator's registered email address. Only an administrator who has a valid password, as well as access to the OTP over the registered email address can access the account.
- To enhance account security, we have enabled Secured Login by default for all Druva administrators who have not configured Single Sign-On.
To ensure secure communication, do not disable Secured Login. In case, you have disabled the setting and want to enable it, see Update Secured Login setting for your organization.
- If you have already configured Single Sign-On for your organization, Secured Login will be applicable only to Failsafe Druva Cloud Administrator and not for all the administrators across your organization.
- If you want to enable Secured Login for all the administrators across your organization then disable Single Sign-On for administrators. For more information, see Set up Single Sign-On.
- Only a Druva Cloud Administrator can enable and disable the Secured Login for an organization.
Use backup codes if you don't receive OTP emails
Administrators are sent a batch of ten Backup Codes. Backup Codes serve as a substitute for the OTP and should only be used when administrators are experiencing issues receiving emails from Druva.
- A Backup Code once utilized cannot be reused. Ensure that Backup Codes must be used only when you are experiencing issues with receiving OTP emails from Druva.
- It is recommended that you resolve the issues associated with the non-receipt of emails from Druva.
Update Secured Login setting for your organization
To ensure secure communication, do not disable Secured Login.
Only a Druva Cloud Administrator can enable and disable the Secured Login for an organization.
Step 1: Initiate activation:
- Click to access the Global Navigation Panel > Druva Cloud Settings > Access Settings. The Access Settings window appears.
- In the Password Policy and Secured Login section, Click Enable Secured Login. The Secured Login activation and login workflows for administrators window appear.
- Click Enable Secured Login. An activation OTP is sent to your registered email address.
Step 2: Authorize activation:
Verify your identity using the activation OTP that was sent to your registered email address.
Step 3: Complete activation:
Upon successful authentication, the Secured Login is activated for your organization. All the administrators across your organization are notified with an email about the Secured Login activation. At every next login, the administrators are required to authenticate themselves using the OTP they will receive through an email.
Ensure that emails from Druva are not blocked through the IT policy in your organization.
Note: To disable , click Disable Secured Login > The Disable Secured Login for administrators window appears. Enter the OTP that is sent to your registered email address and click Verify.