What is multi-factor authentication?
MFA (or sometimes known as Two-Factor Authentication, 2FA) is the principle that a user needs to provide more than one type of evidence to access an account.
| Evidence Required | Examples |
|---|---|
| Something you know | Passwords and PINs, Security Questions |
| Something you have | OTP Tokens, U2F Tokens, Certificates, Smart Cards, Email, SMS, Phone Calls |
| Something you are | Biometrics (Fingerprints, Facial Recognition, Iris Scan) |
| Somewhere you are | Source IP, Geolocation, Geofencing |
| Something you do | Behavioral Profiling, Keystrokes/Mouse Dynamics |
Why is multi-factor authentication important?
Multi-factor authentication (MFA) is important because it’s a strong defence against password related attacks. Microsoft estimates accounts are 99.9% less likely to be able to be compromised if MFA is used.
MFA with Veeam Backup & Replication
Veeam Backup & Replication uses multi-factor authentication to make your account more secure. A one-time password (OTP) from a third party app on your phone is required in addition to your username and password. Satisfying another evidence type from the table above.
How MFA Works
When a user logs into Veeam Backup & Replication a check is performed on whether:
a) MFA is enabled
b) MFA is configured for that user
If MFA is enabled but not configured for the user, the user is given instructions on how to set up MFA.
If MFA is enabled and configured the user is prompted for the 6 digit confirmation code from their authentication application.