Enable MFA for users

While it is still not possible to force the configuration of multi-factor authentication (MFA) at the user level without Devolutions Server, a few options have been added in Remote Desktop Manager that could suit your needs.

These features are only available when using an advanced data sources.

You cannot configure MFA for users. Once activated, each user will need to configure it manually in File – My Account Settings. For more information about the configuration, consult Multi-factor authentication.

Force application multi-factor authentication mode

In Administration – System Settings – Application Specific – Applications – Security – Force application multi-factor authentication mode, select either:

  • Don't force: Does not force application multi-factor authentication mode.
  • Check against all configured methods: Prompts for the configured MFA methods only.
  • Prompt for selection on use: Prompts for which MFA to configure on use.

Force application multi-factor authentication mode
Force application multi-factor authentication mode

Force application security with TOTP (Authenticator)

In Administration – System Settings – Application Specific – Applications – Security, check Force application security with TOTP (Authenticator) to enable it.

Force application security with TOTP (Authenticator)
Force application security with TOTP (Authenticator)

Force application security with Duo (Authenticator)

In Administration – System Settings – Application Specific – Applications – Security, check Force application security with Duo (Authenticator) to enable it.

Force application security with Duo (Authenticator)
Force application security with Duo (Authenticator)

Force data source multi-factor configuration

In Administration – System Settings – Vault Management – Security Settings – Security, check Force data source multi-factor configuration to enable it.

Force data source multi-factor configuration
Force data source multi-factor configuration

Prompt for MFA before going offline

In Administration – System Settings – Application Specific – Cache/Offline – Offline, check Prompt for MFA before going offline to enable it.

Prompt for MFA before going offline
Prompt for MFA before going offline

Force with group policies (GPOs)

We also have GPOs that could help you achieve your goal. An example is the Force multi-factor authentication on the application login GPO.

%Root%\SOFTWARE\Policies\Devolutions\RemoteDesktopManager\ForceApplicationMFA

For more information about the configuration, consult Apply policies.

Give us Feedback