When two-factor authentication (2FA) is enabled, any users that have access to the management console are prompted to enter an authentication code sent to either their email address or phone number when signing in. There are a few things to note:
- Codes expire within 10 minutes. You will need to request a new auth code after the previous one has expired.
- Once you successfully sign in, you will not be prompted to enter a code again for 30 days.
- Codes are prompted any time a new browser is used to sign in regardless of the last time you entered a code.
- Sign into the management console as the user you wish to enable 2FA for.
- Note: This user needs to have web console access
- Click on your profile
- Under user details, enable 2FA by clicking “Enable”
- Enter email address or phone number
- Send code
- Enter code and save
- An admin can only enable 2FA for themselves when signed in
- Admins can disable 2FA in the same place they enabled it
- Super admins can disable 2FA for themselves and for sub admins
- Sub admins can only disable 2FA for themselves
Zello will keep a record in the audit log of:
- When 2FA is enabled
- When 2FA is disabled
- When 2FA is asked for a user when signing into the management console