Excluding accounts from two-step verification
Nov 27, 2023
You can exclude an account from two-step verification if your account has the Modify object ACLs right in the General features: User permissions functional area.
If a user account is excluded from two-step verification, that user can log in to Administration Console or Kaspersky Security Center Web Console without using two-step verification.
Excluding accounts from two-step verification can be necessary for service accounts that cannot pass the security code during authentication.
To exclude a user account from two-step verification:
- If you want to exclude an Active Directory account, perform Active Directory polling to refresh the list of Administration Server users.
- In the console tree, open the User accounts folder.
The User accounts folder is a subfolder of the Advanced folder by default.
- In the workspace, double-click the user account that you want to exclude from two-step verification
- In the Properties: <user name> window that opens, select the Two-step verification section.
- In the opened section, select the User can pass authentication by using user name and password only option.
- In the Two-step verification section, click the Apply button, and then click the OK button.
This user account is excluded from two-step verification. You can check the excluded accounts in the list of user accounts.