How to force user to use two factor authentication

Hi Expert,

I have setup 2 factor authenticatiom on the company administrator account by edit the profile. however it seems each user can turn on/off of that features at their own settings. I am thinking if there is a way we can enforce this feature for all users?

Thanks a lot

Shermaine

Find more posts tagged with

Accepted answers

JeanK

Hello all,

You can now force your users to use Two-Factor Authentication.

Please find how to proceed in our article:

📄 Enable Two-Factor-Authentication enforcement on company members

It would be great to hear your feedback about it.

All the best,

/JeanK

All comments

JBergonje

There is no policie available to enforce the 2 factor authentication on the user accounts of a license, this always have to be set by each user, due to privacy policies there is no reports available neither about the 2 factor authentication use, to deactivate it the user will have to login on the application and desable the option on the profile or use the deactivation code provided by the system when the option was enable for the account

JBergonje

I understand your situation but due to the privacy policies of TeamViewer I don't think this option will be available anytime soon, the 2 factor authentication is a security option for the accounts registered on TeamViewer, each owner of the accounts needs to decide to use that option or not.

sbohmer

Not solved.

MDNinja

Is this feature enabled yet?

jeremiahmiller

Do you have any update on this feature request please? It's been more than 2 years since the original post

sbohmer

Yes...this! ThomasL for president.

Sasanda

Can't believe this feature is still not available in TeamViewer. It's been more than three years and still being considered. I think its high time to consider about another product.

Grevevand

4 years later ?

its a joke...

Jannick

Any progress made in 2018 already? :manvery-happy:

This is noticed as solution.. So maybe I'm missing something

taemo

interested on this as well.

I don't see a way to enforce 2FA is enabled with policies.

No report either to tell me if a user has 2FA enabled nor a way to remove their 2FA in case they need to.

pcl

Any update on this?

To_By

Any Updates on this?

Do you really need 5 years to roll out such a small feature?

Alex_Tan_1

Any update on this topic? Another month to go before 5 years anniversary.😪

tldube

We have to flush Teamviewer from our array of tools as much as we liked it due to the lack of this feature. In 2021, for a company that claims to develop tech solutions, this is a joke. 2FA is required in every aspect of our managed network. This is a compliance requirement for many scopes... Your team should be urged to come up with a solution...

CorporateCustomerBB

We are in the same boat. Could not believe that there really is no way to enforce support, IT admins, to be required to use TFA/MFA on a security product. TeamViewer needs to add this checkbox of functionality leading to a forced MFA enrollment or otherwise empty connections / failed to setup account screen quickly.

If this does not happen in 2021, then in my opinion, TeamViewer will start to lose more and more of the medium-corporate type businesses fast. In 2022 security auditors for sure will report findings on TeamViewer being an MFA security incompliant type of IT management software for all but Enterprise SSO level customers.

Wayne_Langley

Good Day,

Is there any update to enforce TFA / MFA on user accounts?

dagstinus

Is there any movement towards the much-needed feature to enforce MFA?

lukejf

It is pretty pathetic that this is still not an option. I could be time for people to take their business elsewhere.

JeanK

This is great to hear, @NelsonEstrada5!

Thank you for your kudos, it's always a pleasure to read this kind of feedback.

Have a great day,

/JeanK

eryterywes5463

@JeanK

I must say that the reply and solutions of TeamViewer is very unprofessional ! I will explain:

When we speak about TFA regarding remote connection their are 3 entities: The remote client , The local client , The local User

The Local User - for that the article you sent is relevant but not complete and show actually support insecure setup, The expected option should be to enforce all users without having to enable disable each users. For example : the article is not handle a situation when a new user is added and someone misconfigured it and forgot to add TFA for that users. The Policy should enforce each new user created to have TFA automatically without any further setting. After creation Administrator might enable / disable TFA for exceptions . This is a big security misconfiguration hole in your TFA solution !
The remote client - Each remote client upon connections should ask for TFA approval (should BE a MUST for easy access - an there is not policies for that) - The problem with your policies is it is not enforce any remote client to setup local TFA accounts by default before any remote connection can be achieve. This is something Critical and your article does not refer to. it seems TeamViewer is very limited in terms of Enterprise Security Policy and this is a shame.
The local Client -Some policies should address the local client (For example , having a running antivirus or an updated OS) but will skip it since you do not have it and they are related to TFA

JeanK

Hello @eryterywes5463,

Thanks a lot for taking the time to provide constructive and valuable feedback.

I have passed the feedback on to our dedicated team.

You can be sure they will consider it and check how we can further improve our 2FA solution.

All the best,

/JeanK