Back to Community Threads
2
Is There a Secret to Enabling Two-Step Authentication (2FA)
Question asked by Matthew Mills - 3/15/2022 at 8:10 AM
Answered
I have enabled (not forced) 2FA for one of my domains.  When I log in as a user in that domain and go to settings I have no card for 2FA.

I restarted the SM service (latest version) and have looked everywhere I can think of.

Can anyone suggest what I might be missing (that I am sure is in plain sight)?  I don't think this rises to the level of a support ticket just yet.

5 Replies

Reply to Thread
0
Tony Scholz Replied
3/15/2022 at 9:19 AM
Employee Post Marked As Answer
Hello Matthew, 

When setting up 2FA ( Two-Factor Authentication ) you will need to enable it for the domain;


If you impersonate a user this option is not available. 


This can only be set up when logged in as the end user. 


I hope this helps. 

Thank you
Tony
Tony Scholz System/Network Administrator SmarterTools Inc. www.smartertools.com
0
Matthew Mills Replied
3/15/2022 at 9:41 AM
Tony,

It's nice to know I didn't miss anything,  But...it's not there.  I did enable 2FA as the admin and then I logged in as the user (myself, not impersonating).  I tried two browsers, but no 2 FA card.

Sooooo...

The account with which I was testing is AD authenticated.  I added 2FA to an SM authenticated account and logged in, and the card was there.  The issue is thus the AD auth.

Should this option be available for AD authentication, or is that not possible?

Thanks,
Matthew
0
Tony Scholz Replied
3/15/2022 at 10:53 AM
Employee Post
Hello Matthew, 

You are correct, this option is not currently supported for AD authenticated accounts and will only show up for SmarterMail authenticated accounts. 

Thank you
Tony Scholz System/Network Administrator SmarterTools Inc. www.smartertools.com
0
Matthew Mills Replied
3/15/2022 at 11:46 AM
Thank you.  Do you expect that it might make it into AD authenticated accounts in the future?
0
Given that Active Directory is it's own, separate authentication provider I believe you would have to look at products/services that add 2FA/MFA support specifically for AD (AuthLite, UserLock, Duo, etc). Just be sure whatever you are looking at supports MFA login from external sources via LDAP (such as SmarterMail).
Back to Community Threads

Reply to Thread

Related Knowledge Base Articles

Setting Up Two-Step Authentication (2FA, MFA, etc.)SmarterMail > Desktop and Mobile Synchronization
Recommended SPAM SettingsSmarterMail > Antispam and Antivirus
Migrate a Mailbox From Microsoft 365 (Office) to SmarterMailSmarterMail > Domain/User Configuration and Management
How to integrate Azure OAuth with SmarterTrackSmarterTrack > Server Configuration and Management
SmarterTrack SMTP Settings and Google 2-factor AuthenticationSmarterTrack > Installation and Configuration