Excluding accounts from two-step verification

You can exclude an account from two-step verification if your account has the Modify object ACLs right in the General features: User permissions functional area.

If a user account is excluded from two-step verification, that user can log in to Administration Console or Kaspersky Security Center Web Console without using two-step verification.

Excluding accounts from two-step verification can be necessary for service accounts that cannot pass the security code during authentication.

To exclude a user account from two-step verification:

1. If you want to exclude an Active Directory account, perform Active Directory polling to refresh the list of Administration Server users.
2. In the console tree, open the User accounts folder.

   The User accounts folder is a subfolder of the Advanced folder by default.

3. In the workspace, double-click the user account that you want to exclude from two-step verification
4. In the Properties: <user name> window that opens, select the Two-step verification section.
5. In the opened section, select the User can pass authentication by using user name and password only option.
6. In the Two-step verification section, click the Apply button, and then click the OK button.

This user account is excluded from two-step verification. You can check the excluded accounts in the list of user accounts.

See also: Scenario: configuring two-step verification for all users

Page top