Updated: October 30, 2020

Two-step verification

Two-step verification adds an extra level of security provides an extra level of protection against hackers attempting to gain access to a computer or network. With a second verification requirement, even if someone steals a password, they cannot get passed the second verification step. Users need to download Google Authenticator to their mobile device.

N-able N-central supports the Time-based One-Time Password (ToTP) RFC (RFC-6238) for Two-Step Verification. Google Authenticator was used in testing this feature. Other mobile apps that support the RFC - such as the DUO mobile app - are not supported by N-able, but may also work.

When a user signs in to N-able N-central with their usual credentials, they also scan a bar code that appears on the screen using Google Authenticator. This automatically configures the user within the application and continuously generates a time-sensitive pass code.

A user account must be configured to use the Two-Step Verification multi-factor authentication method.

You can set the two-step verification as the default authentication method for users.

After entering the passcode, a list of ten backup codes displays. Copy this list to a safe but accessible location. Use one of the backup codes to complete the sign in to N-able N-central if you are in a location where you do not have access to your mobile device. You can only use a backup code once. After you have signed in to N-able N-central, you can regenerate the backup codes. The backup codes are not time-sensitive and do not expire, unless the list is regenerated.

Whenever you subsequently sign in to N-able N-central, you will only need to enter the passcode that appears in Google Authenticator.

For multi-factor authentication to function properly, ensure that the N-able N-central time is very accurate for your local time zone. For more information, see Configure N-able - N-Central server date and time.

What do you want to do?