While it is still not possible to force the configuration of multi-factor authentication (MFA) at the user level without Devolutions Server, a few options have been added in Remote Desktop Manager that could suit your needs.
These features are only available when using an advanced data sources.
You cannot configure MFA for users. Once activated, each user will need to configure it manually in File – My Account Settings. For more information about the configuration, consult Multi-factor authentication.
In Administration – System Settings – Application Specific – Applications – Security – Force application multi-factor authentication mode, select either:
Don't force: Does not force application multi-factor authentication mode.
Check against all configured methods: Prompts for the configured MFA methods only.
Prompt for selection on use: Prompts for which MFA to configure on use.
In Administration – System Settings – Application Specific – Applications – Security, check Force application security with TOTP (Authenticator) to enable it.
In Administration – System Settings – Application Specific – Applications – Security, check Force application security with Duo (Authenticator) to enable it.
In Administration – System Settings – Vault Management – Security Settings – Security, check Force data source multi-factor configuration to enable it.
In Administration – System Settings – Application Specific – Cache/Offline – Offline, check Prompt for MFA before going offline to enable it.
We also have GPOs that could help you achieve your goal. An example is the Force multi-factor authentication on the application login GPO.
%Root%\SOFTWARE\Policies\Devolutions\RemoteDesktopManager\ForceApplicationMFA
For more information about the configuration, consult Apply policies.
Give us Feedback