Enable MFA for users

While it is still not possible to force the configuration of multifactor authentication (MFA) at the user level without Devolutions Server, a few options have been added in Remote Desktop Manager that could suit your needs.

These features are only available when using an advanced data sources.

You cannot configure MFA for users. Once activated, each user will need to configure it manually in File – My Account Settings. For more information about the configuration, consult Multifactor authentication.

Force application multifactor authentication mode

In Administration – System Settings – Applications – Security – Force application multifactor authentication mode, select either:

  • Default (Don't force): Does not force application multifactor authentication mode.

  • Check against all configured methods: Prompts for the configured MFA methods only.

  • Prompt for selection on use: Prompts for which MFA to configure on use.

Force application multifactor authentication mode
Force application multifactor authentication mode

Force application security with TOTP (Authenticator)

In Administration – System Settings – Applications – Security, check Force application security with TOTP (Authenticator) to enable it.

Alternate Text Descriptive fallback text for screen readers and search engines.
Alternate Text Descriptive fallback text for screen readers and search engines.

Force application security with Duo (Authenticator)

In Administration – System Settings – Applications – Security, check Force application security with Duo (Authenticator) to enable it.

Force application security with Duo (Authenticator)
Force application security with Duo (Authenticator)

Force data source multifactor configuration

In Administration – System Settings – Vault Management – Security Settings – Security, check Force data source multifactor configuration to enable it.

Force data source multifactor configuration
Force data source multifactor configuration

Prompt for MFA before going offline

In Administration – System Settings – Application – Cache/Offline – Offline, check Prompt for MFA before going offline to enable it.

Prompt for MFA before going offline
Prompt for MFA before going offline

Force with group policies (GPOs)

We also have GPOs that could help you achieve your goal. An example is the Force multifactor authentication on the application login GPO.

%Root%\SOFTWARE\Policies\Devolutions\RemoteDesktopManager\ForceApplicationMFA

For more information about the configuration, consult Apply policies.

Devolutions Forum logo Give us Feedback