This topic describes how to configure two-factor authentication for Carbon Black Hosted EDR.
To configure two-factor authentication:
Log into the console.
If you are logging in for the first time, or if you logged in previously and temporarily bypassed enrollment, the Two-Factor Authentication wizard appears.
On the first page of the Two Factor Authentication wizard, the following options are available:
Maybe Later – Bypass enrollment for now and proceed with logging in. You will have the option to configure two-factor authentication at your next login.
No Thanks – Do not enable two-factor authentication.
Let’s Do It! – Enable two-factor authentication.
If you decline to set up two-factor authentication, you are logged into the Carbon Black Hosted EDR.
To set up two-factor authentication, select Let’s Do It! and then click Start setup .
The What type of device are you adding? screen appears. You can add any of several device types for two-factor authentication, including mobile phone devices, tablets, and landlines.
Select the type of device you are adding and click Continue .
Provide your phone number information and click Continue.
Select the type of phone device you are using and click Continue.Note:
This procedure uses an iPhone as an example, but you can add other types of devices.
Follow the instructions to install the Duo Mobile application on your device, and then click I have Duo Mobile installed .
With your phone, scan the bar code presented in the Activate Duo Mobile page.
When the check mark appears on the bar code indicating success, click Continue.
On the My Settings & Device page, make the following selections:
From the My default device is drop-down list, select your default device. This is useful when you use multiple devices for two-factor authentication.
Select the Automatically send me a check box and select either Duo Push or Phone Call as your preferred communication mode with Duo Mobile.
Click Save. When your device is successfully added, click Done (you might need to scroll down to see the Done button).
On the Choose an authentication method page, select an authentication method:
Send me a Push – Select this recommended option to receive a Duo push notification to authenticate. Tap Approve on the Duo login request that is received on your phone.
Call Me – Select this option to receive a phone call to authenticate.
Enter a Passcode – Select this option to enter a Duo Mobile passcode to authenticate. Open the Duo Mobile application on your phone and click the key icon to generate a new passcode.
When authentication is successful, you are logged into Carbon Black Hosted EDR. The HUD page appears.