This scenario describes how to enable two-step verification for all users and how to exclude user accounts from two-step verification. If you did not enable two-step verification for your account before you enable it for other users, the application opens the window for enabling two-step verification for your account, first. This scenario also describes how to enable two-step verification for your own account.
If you enabled two-step verification for your account, you may proceed to the stage of enabling of two-step verification for all users.
Prerequisites
Before you start:
Stages
Enabling two-step verification for all users proceeds in stages:
You can install any application that supports the Time-based One-time Password algorithm (TOTP), such as:
Ensure that the time set in the authenticator application is synchronized with the time of Administration Server.
How-to instructions:
After you enable two-step verification for your account, you can enable two-step verification for all users.
Users with two-step verification enabled must use it to log in to Administration Server.
How-to instructions:
If you have several Administration Servers with similar names, you may have to change the security code issuer names for better recognition of different Administration Servers.
How-to instructions:
If required, you can exclude users from two-step verification. Users with excluded accounts do not have to use two-step verification to log in to Administration Server.
How-to instructions:
Results
Upon completion of this scenario: