In order to further improve Kaspersky Security Center Web Console access security, you can prohibit new users from setting up two-step verification for themselves.
If this option is enabled, a user with disabled two-step verification, for example new domain administrator, cannot configure two-step verification for themselves. Therefore, such user cannot be authenticated on Administration Server and cannot sign in to Kaspersky Security Center Web Console without approval from another Kaspersky Security Center Linux administrator who already has two-step verification enabled.
This option is available if two-step verification is enabled for all users.
To prohibit new users from setting up two-step verification for themselves:
The Administration Server properties window opens.
This option does not affect the user accounts added to the two-step verification exclusions.
In order to grant Kaspersky Security Center Web Console access to a user with disabled two-step verification, temporary turn off the Prohibit new users from setting up two-step verification for themselves option, ask the user to enable two-step verification, and then turn on the option back.
Page top