Two-Factor Authentication Security Rules

Once enrolled in 2FA, users will have to provide Credentials each time they login VSA. The TOTP-entry step can be skipped, if users choose to remember their device(s) for the time defined at the tenant level.
If a user fails 2FA verification the number of attempts defined by the Lockout Settings at the tenant level, the user’s account will be locked out.
If a user fails 2FA verification cycle (entering the credentials and the Time-based, One-Time Code) the number of times defined by the tenant Lockout Policy, the User Account will be locked out. To unlock it, please contact a System Role User in your tenant.

NOTE The Lockout will occur, if user enters incorrect values the number of times that exceeds the number of attempts defined by Lockout Settings in either the login page or TOTP-entry screens.

NOTE Users with active AAoD accounts and AAoD Module enabled for their tenant will be able to continue using the same authentication procedure.

	Need troubleshooting help? Open the Kaseya Helpdesk.
	Want to talk about it? Head on over to the Community!
	Have an idea for a new feature? Want to learn about upcoming enhancements? Visit the Ideas forum!