Im the administrator on my company of the TV product.
I need my users to use the two-factor autentication.
How do i activate these option for my users?
Hi @ChrisCL ,
Thank you for your post.
In order to activate the two factor authentication, please read this article.
Hope this will be helpful for you.
I am a cyber secrity expert. My question:s:
To my understanding the 2fa is for the Teaviewer account access to the web site. There is 2FA for establishing the the remote session to a computer. Is that correct?
Regarding the authentication flow (as depicted in https://www.teamviewer.com/en/trust-center/security/?_ga=2.**Please do not post TeamViewer IDs**.**P...) - what is the role of the password in the flow? Is the password transferred as a clear text at the connection initiation?
Hi @sbaror11 ,
Thank you for your reply.
2FA is only for accounts upon login, there is no 2FA specifically for a connection to a device.
The password is the first level of authentication.
As per the article the password is not transferred directly:
"Each TeamViewer client has already implemented the public key of the master cluster and can thus encrypt messages to the master cluster and check messages signed by it. The PKI (Public Key Infrastructure) effectively prevents “man-in-the-middle-attacks” (MITM). Despite the encryption, the password is never sent directly, but only through a challenge-response procedure, and is only saved on the local computer"
During authentication, the password is never transferred directly because the Secure Remote Password (SRP) protocol is used. Only a password verifier is stored on the local computer.
Hope this will hlep you.