Two-factor authentication
Security and navigation
SECURITY Permission to access Setup > My Info
About two-factor authentication
Two-factor authentication (2FA) is a security process in which a second level of authentication is added to the account login credentials. Both factors of authentication must be used and must be entered correctly in order to establish the person's identity beyond doubt. The two factors may include the following:
- Something that the user possesses, such as a token, card, or key.
- Something that the user knows, such as an email address, password, or PIN.
- Something that is inseparable from the user, such as fingerprint, iris, or voice identification.
Requirements
- 2FA requires login credentials (email and password) and a one-time password (OTP) issued by a 2FA token-generating application.
- A 2FA token-generating application such as Google Authenticator (Android and iOS) must be installed on your smartphone or tablet.
IMPORTANT We strongly recommend that you assign Administrator access to more than one user in the Datto RMM account. This is to ensure recovery should there be an issue authenticating during the initial configuration, or should the authenticating device encounter a problem or become lost.
Set up 2FA
- Navigate to Setup > My Info in the legacy UI or Setup > My Settings in the New UI.
- In the legacy UI, scroll down to the Security Settings section and click Datto Portal User Settings. In the New UI, click the View in Partner Portal button at the top of the My Settings page. The User Settings page in the Datto Partner Portal will open.
- In the Two-Factor Authentication section, click Configure.
- Select Third Party Authenticator App and then choose an application from the drop-down list.
- Enter the verification code and click Enable 2FA.
- You will receive a message confirming that the authenticator was configured successfully. Click Close.
- To confirm 2FA has been set up correctly, log out of Datto RMM and log back in. Once you have entered your credentials, you will see a page asking for the 2FA token that your app will generate. Enter the token and click Authenticate.
NOTE When accessing the Agent Browser, you will also need to enter the 2FA token. Refer to Log in to the Agent Browser.
- If you have more than one account associated with your email address, select the account you wish to access and click Continue.
- You are then directed to your Datto RMM account.
Reset and manage 2FA
Reset and manage your own 2FA credentials
- If you have access to the Datto Partner Portal and can log in, you can manage your own 2FA settings. Refer to Set up 2FA.
- If you have access to the Datto Partner Portal but cannot log in, contact your Administrator who can use the following guide: Reset another user's 2FA credentials (Administrators' guide).
- If you do not have access to the Datto Partner Portal, contact the Support team. Refer to Datto Support.
Reset another user's 2FA credentials (Administrators' guide)
- If a user needs their 2FA credentials reset, you can trigger a 2FA reset email for their account. The user will be emailed a verification code, and once logged in to the Datto Partner Portal, they can configure 2FA again. Refer to Trigger a 2FA reset email for a user in the legacy UI and Resetting a user's 2FA in the New UI.
- If a user needs their 2FA credentials reset but cannot log in to the Datto Partner Portal, you can send them a one-time passcode that will allow them to log in. Once logged in, they will be able to manage their own 2FA. Refer to this topic in the Datto Help Center: Datto Partner Portal: How do I send a one-time password to let employees reconfigure their Two-Factor Authentication (2FA)?.
