Two-factor authentication

N-able N-central supports Two-Factor Authentication (2FA), a multi-factor authentication (MFA) method, to provide a stronger layer of security for user accounts. By requiring users to verify their identity with two distinct factors, something they know (password) and something they have (authentication code), N-central reduces the risk of unauthorized access due to compromised credentials. With a second verification requirement, even if someone steals a password, they cannot get passed the second verification step. N-central supports time-based one-time password (TOTP) apps such as Google Authenticator that users can download to their mobile device.

While the N-central UI uses the term "MFA," this setup is technically 2FA when only one secondary factor is used (that is, password + TOTP).

How 2FA works in N-central

When MFA is enabled on a user's account to allow 2FA, they are presented with a bar code the next time they sign in to N-able N-central with their usual credentials,. This automatically configures them within the application and continuously generates a time-sensitive pass code.

N-central implements 2FA using standard TOTP apps that generate 6-digit codes, which expire every 30 seconds. During login:

• The user enters their username and password.

• N-central prompts the user to enter a code from their app.

• If the code matches, the user is granted access.

This setup provides simple yet effective protection against many types of attacks, including brute force, phishing, and credential stuffing.

Supported 2FA Applications

N-central supports any standard TOTP app, such as:

• Microsoft Authenticator

• Google Authenticator

• Authy

• Duo Mobile (in TOTP mode)

• 1Password, LastPass Authenticator, and other TOTP-compatible apps