Two-Factor Authentication Enrollment Process

2FA enrollment flow

Once the 2FA feature is toggled as required for an entire tenant by Tenant Admin or for particular users within a tenant by System Role user, such a user within the tenant that logs in the VSA Admin Portal must enroll in 2FA:

Download the TOTP Authenticator application on a mobile device OR add Authenticator Extension in the Chrome browser.
Launch VSA Admin Portal application and enter credentials as usual.
Click Next in the Your Security Matters screen.
Launch the Authenticator application.
Add your VSA Admin Portal account to the Authenticator application:

by scanning the QR code displayed in the VSA with the Authenticator application.
by manually entering the Alphanumeric Code displayed in the VSA in the Authenticator application.

Enter Authentication Code generated by your Authenticator application into VSA Admin Portal screen and click enabled Submit button.
Click Done button to access VSA home page.

NOTE The Authentication Code should be entered within the 30-second period. Otherwise, you should enter the next non-expired Authentication code displayed in the Authenticator application. The code expiration is tracked in the Authenticator application.

NOTE If the 2FA enrollment process was not completed because internet connection has been lost, or browser has been closed by accident, the user will restart from scratch the enrollment process upon next login attempt.

NOTE If a user is unable to access the mobile device, System Role User within their tenant has the ability to reset the 2FA status. This will enable the user to go through the 2FA enrollment again.

	Need troubleshooting help? Open the Kaseya Helpdesk.
	Want to talk about it? Head on over to the Community!
	Have an idea for a new feature? Want to learn about upcoming enhancements? Visit the Ideas forum!