Two-step verification, also known as 2-factor authentication or 2FA, or Multi-factor authentication (mfa) is an optional but highly recommended security feature.
Once enabled, logging into Splashtop will require an additional six-digit security code, in addition to your account's password. The security code will be sent to your email.
This means, even if someone has guessed or stolen your On-Prem account ID and password, he or she will not be able to log into your account and access your computers.
From Gateway v3.36.0, Splashtop On-Prem supports email OTP (One-Time Password) based two-step verification.
Enable SMTP server in Gateway
Since two-step verification relies on email, please ensure the SMTP server is correctly configured and enabled. Additionally, verify that users' email addresses are accurate. Otherwise, they will not receive the one-time password to complete the two-step verification process.
Log in to the web console as Team Owner, go to Settings > Email, then you need to configure and enable your SMTP server.
Enable two-step verification and select the method for two-step verification
Log in to the web console as Team Admin. Go to Management > User, enable two-step verification for users and select Verification by Email as the two-step verification method.
Set up two-step verification
Please follow the instructions to complete the two-step setup flow. First of all, Click Set up to proceed to the next step.
Then, the 6-digit code will be sent to your email. Enter the 6 code and click Next to finish pairing.
Click Copy codes or Save codes to save your recovery code. Please note that this code will only be displayed once, save it in a secure place. Then, click Proceed to go to the next step.
Finally, you've successfully enabled two-step verification.
Log in to Web Console or Splashtop On-Prem app with email
If an account has been enforced to enable two-step verification, after the user enters the account and password, he needs to fill in the one-time 6-digit code received in his mailbox to complete the login process.
Otherwise, if Team Owner has allowed trust device, users can check trust this device for convenience.
Q&A
1. What if I lost my cell phone and forgot my recovery code?
Please contact your Team Admin to reset your 2FA settings if recovery codes are lost.
The following is the procedure of resetting 2FA for Team Admin:
- Login to the web console as Team Admin.
- Go to Management -> Users -> Gear button -> Configure two-step verification.
- Disable 2FA.
- User could set up 2FA again.