You can require a user to log in using two-factor authentication by enabling the Require Secondary Authentication option in the user record.
To require a user to log in using secondary authentication
-
Setup a secondary authentication provider in Appliance Management > Safeguard Access > Identity and Authentication. For more information, see Adding identity and authentication providers..
-
Configure the SPP user to Require Secondary Authentication. For more information, see Authentication tab (add user)..
-
On the Authentication tab of a user's properties, select the Require Secondary Authentication check box.
-
Choose the Authentication Provider.
-
Depending on the type of authentication provider selected, specify the additional information this user must use when logging into SPP with two-factor authentication.
-
-
Log in with secondary authentication.
When you log in to SPP as a user which requires secondary authentication, you log in as usual, using the password that is set for the SPP user account. SPP then displays one or more additional login screens. Depending on how the system administrator has configured the secondary authentication provider, you must enter additional credentials for your secondary authentication service provider account, such as a secure password, security token code, or both.
NOTE:The type and configuration of the secondary authentication provider (for example, RSA SecureID, FIDO2, and so on) determines what you must provide for secondary authentication. Check with your system administrator for more information about how to log in to SPP with secondary authentication.