Manage Two-Factor Authentication for Users

Required User Role: Administrator

Two-factor authentication (2FA) is a security method that requires two different forms of identification to verify a user's identity. This adds a crucial extra layer of protection beyond just a username and password. Once two-factor authentication is set up for a user, they must use a third-party authentication method of their choice alongside their login credentials to access Tenable Vulnerability Management.

When creating a user, administrators can choose to enable the Two-Factor Required option. Otherwise, administrators can manage two-factor authentication for their Tenable Vulnerability Management users in the following ways:

Tip: Users can mange two-factor authentication for their own account on the My Account page.

Reset 2FA

To reset two-factor authentication for a user:

  1. Access the Users page.

  2. On the right side of the row for the user for which you want to reset two-factor authentication, click the button.

    A menu appears.

  3. Click Reset 2FA.

    A confirmation message appears, and Tenable Vulnerability Management resets two-factor authentication for the selected user.

Enforce 2FA

To enforce two-factor authentication for a user:

  1. Access the Users page.

  2. On the right side of the row for the user for which you want to enforce two-factor authentication, click the button.

    A menu appears.

  3. Click Enforce 2FA.

    A confirmation message appears, and Tenable Vulnerability Management begins enforcing two-factor authentication for the selected user. The user can then login using the a Two-Factor Setup option, for example, a Time-based One-time Password.

    Tip: Once enforced, users can manage two-factor authentication for their own account on the My Account page.

Remove 2FA Requirement

To remove the two-factor authentication requirement for a user:

  1. Access the Users page.

  2. On the right side of the row for the user for which you want to reset two-factor authentication, click the button.

    A menu appears.

  3. Click Remove 2FA Requirement.

    A confirmation message appears, and Tenable Vulnerability Management removes the two-factor authentication requirement for the selected user.