How to configure two-factor authentication in ADAudit Plus
In this article:
Objective
Prerequisites
Steps to follow
Validation and confirmation
Tips
Related topics and articles
Objective
To enable and manage two-factor authentication (2FA) in ADAudit Plus, enhancing login security by requiring an additional verification step beyond the username and password.
Prerequisites
You must have administrative access or delegate permission to configure 2FA in the ADAudit Plus web console.
Ensure email and SMS configurations are set up if you plan to use those verification methods.
Steps to follow
Step 1: Enable 2FA
Log in to the ADAudit Plus web console.
Navigate to Admin > Administration > Logon Settings.
Select the Two-Factor Authentication tab.
Toggle the option to enable 2FA.
Configure one or more of the following authentication modes:
Email Verification
SMS Verification
Google Authenticator
RSA SecurID
Duo Security
RADIUS authentication
Note:
When 2FA is enabled, all technicians must complete a second authentication step to access ADAudit Plus.
Only the default admin user can choose to bypass the 2FA process during login.
If multiple authentication modes are configured, users must select their preferred verification method during login.
Step 2: Manage enrolled users
As an administrator, you can view and manage which users have set up 2FA and which methods they are using:
In the Two-Factor authentication tab, click Enrolled Users.
In the pop-up window, review the list of users and their selected authentication modes.
To remove a user from 2FA enrollment, select the user and click the delete icon.
Step 3: Enable backup verification codes
Backup verification codes allow users to access ADAudit Plus when they do not have access to their phone or are unable to use their configured authentication method:
Log in to the ADAudit Plus web console with admin credentials.
Navigate to Admin > Administration > Logon Settings.
In the Two-Factor Authentication tab, select the check box for Backup Verification Code.
When this option is enabled, each user will receive a set of five unique codes they can store securely. Each code can be used only once. Users can generate a new set of codes if needed.
Step 4: Manage backup verification codes as a user
Prerequisite:
At least one authentication mode must have been successfully configured before backup codes can be generated.
To access and manage backup verification codes:
Click the drop-down menu next to your profile picture in the top-right corner of the web console.
Select Two-Factor Authentication.
Click Manage Backup Verification Codes.
In the pop-up window, you will see the list of existing backup codes.
To generate a new set of codes, click Generate New Codes.
Download, print, or email the codes and store them securely.
Click OK to close the pop-up.
Step 5: Use backup verification codes during login
If you cannot access your phone or primary authentication method:
Log in to ADAudit Plus as usual.
Choose one of your configured authentication modes and click Next.
On the verification screen, click Use Backup Verification Codes.
Enter one of your backup codes and click Verify Code to complete the login.
Step 6: Manage trusted browsers
Users can manage which browsers they trust for 2FA:
Click the drop-down menu next to your profile picture in the top-right corner of the web console.
Select Two-Factor Authentication.
Click Manage Trusted Browsers.
Validation and confirmation
Test login using each configured authentication method to confirm 2FA is working properly.
Verify that backup codes can be used successfully if primary methods are unavailable.
Confirm that enrolled users appear under enrolled users and that their authentication modes are recorded correctly.
Tips
Encourage users to generate and securely store backup verification codes immediately after configuring 2FA.
Periodically review and remove outdated trusted browsers for better security.
Regularly update SMS and email settings to ensure delivery of verification codes.
Related topics and articles
How to configure SSO in ADAudit Plus
New to ADSelfService Plus?
Related Articles
How to enable SSL automatically using ADAudit Plus
In this article : Objective Prerequisites Steps to follow Validation and confirmation Tips Related topics and articles Objective This article provides step-by-step guidance on how to enable SSL automatically using ADAudit Plus. Securing ADAudit Plus ...Troubleshooting 2FA in ADAudit Plus
In this article : Issue description Prerequisites Possible causes Resolution Related topics and articles How to reach support Issue description ● What is the issue? Two-factor authentication (2FA) in ADAudit Plus adds an extra layer of security by ...How to configure Email server using SMTP in ADAudit Plus
Objective This article explains how to configure the email server using SMTP in ManageEngine ADAudit Plus. Configuring the SMTP server allows ADAudit Plus to send notifications and reports via email. Prerequisites To configure the email server using ...How to configure Workstations in ADAudit Plus
In this article: Objective Prerequisites Steps to follow Validation and confirmation Tips Related topics and articles Objective To configure Windows Workstations in ADAudit Plus using either the product console or command-line arguments, and to apply ...Unable to configure EMC Isilon in ADAudit Plus
In this article: Issue description Prerequisites Possible causes Resolution Related topics and articles How to reach support Issue description ADAudit Plus is unable to add the EMC Isilon cluster, preventing file activity monitoring and auditing. ...