Getting Started With Multifactor Authentication (mfa)

Topic

This article explains how to set up multifactor authentication for Datto SaaS Protection, Datto Partner Portal, Datto RMM, and Backupify Direct users.

Environment

Datto Partner Portal
Backupify/Datto SaaS Protection
Datto RMM
Datto Workplace and File Protection

Description

NOTE Beginning June 22nd, 2020, mfa will be a part of the login process for all affected users.

You must set up multifactor authentication (mfa) with your application to access your account. If you haven't already done so, the Partner Portal or the Backupify login page will prompt you to enable multifactor authentication at your next login.

Sharing an account

Sharing an account is an insecure practice, and is impractical with mfa, since the system will only dial one phone number for authentication. Make sure each user has an individual login account.

Index

Why multifactor authentication?

Conventional password protection offers a single layer of security. Passwords are vulnerable to divulgence through human error and defeat through increasingly sophisticated forms of automated attack.

Multifactor authentication provides additional security. After entering your password, the authentication software contacts you via trusted means, such as your mobile phone number, and requests additional verification. This extra protection dramatically reduces the success rate for malicious access attempts.

Enable multifactor authentication

1. Navigate to your Partner Portal or Backupify login page, enter your account credentials, then click the LOG IN button.

For Datto partners, including SaaS Protection users, navigate to the Partner Portal login page.
For Backupify Direct users, navigate to the Backupify login page.

Figure 1: The Login window

2. Click Third Party Authenticator App, then click the Enable mfa button.

Figure 2: The select Authentication Method prompt

3. Open your authenticator app and scan the QR code to complete the setup.

Figure 3: Setup via third-party authenticator app

For additional information, see How do I set up an external authenticator app for the Datto Partner Portal?

Download and install the Duo app

Datto supports Duo as its native multifactor authentication app. See Setting up Multifactor Authentication (mfa) with Duo for more information.

Changing your information

You can change employee names or phone numbers used for mfa with partner accounts from the Partner Portal user settings page.

Logging in on trusted networks

If you log in from an IP address that your Partner Portal admin has allow-listed as a trusted network, you will only receive the authentication prompt every three weeks instead of being prompted on each login. See Datto Partner Portal: Company Settings for more information on allow-listing networks.

NOTE Trusted network allow-listing is unavailable for accounts belonging to end-user organizations of Datto partners; these accounts must authenticate on every login.

	Need troubleshooting help? Open the Datto Help Center.
	Want to talk about it? Head on over to the Datto Community!
	Have an idea for a new feature? Want to learn about upcoming enhancements? Visit the ideas forum!
	Provide feedback for the Documentation team.