Announcements

Shape the future of TeamViewer with our Product Team. Click here to join!

Posted by Joeri_B
Photon

Feature suggestion - Force 2 Factor Authentication in Corporate environment

Hello,

 

Would like to make a Feature suggestion. (made a official feature suggestion last year, but thought with the new community it would be nice to get other people's feedback on this as well)

 

It would be nice for System admins from Corporate license holders to have the possibility to force license users to use 2 factor authentication, and not let the "normal" users of the license have to enable this by themselves.

 

Basically, i want to have more control as system admin on how the users are making use of teamviewer and how the connections are being made ;)

 

Regards

Joeri

19 Replies
Posted by powen
Henagon

Re: Feature suggestion - Force 2 Factor Authentication in Corporate environment

I agree totally, and also made this suggestion through support channels over a year ago. I end up having to call them occasionally so they can check the back end to make sure all our users still have two factor enabled, since I have no visibility if they disable it. 

Security is important to my company, so making 2 factor non-optional for users under my care would be huge. 

Posted by JohnthePilot
Digon

Re: Feature suggestion - Force 2 Factor Authentication in Corporate environment

I think 2FA is the only way, at present, that unauthorised access to accounts can be stopped.

Posted by Szienz
Trigon

Re: Feature suggestion - Force 2 Factor Authentication in Corporate environment

Posted by Shermaine
Digon

Re: Feature suggestion - Force 2 Factor Authentication in Corporate environment

I have requested this recently too, they told if more user request this, it will be considered, I dont know already so many of us requested this

Posted by mLipok
Heptagon

Re: Feature suggestion - Force 2 Factor Authentication in Corporate environment

You are only talking about unathorized access to TV account.

What if user is looged to TV Standalone APP ?
If you have assigned remote host with easy access ?

Are you sure user always lock scren or log off from TeamViewer , I mean each time when he stand up from the desk ?

I think your reqest is some how related to Restrict user to connect to remote host with stored password ?

Regards,
mLipok , AutoIt MVP

Did my reply answer your question? Accept it as a solution to help others.
Find this helpful? Say thanks by clicking on the Thumbs Up button.

Posted by MarSal
Digon

Re: Feature suggestion - Force 2 Factor Authentication in Corporate environment

Same request made by my company: 21 channels, 200 users. I need to enforse 2fa usage.

There should be a user-side policy editor. I don't want users to be able to delete connections also. they should be able to change their personal password only (if you don't let users manage their profile, they are not even able to change their password)

Posted by mLipok
Heptagon

Re: Feature suggestion - Force 2 Factor Authentication in Corporate environment


@MarSal wrote:

Same request made by my company: 21 channels, 200 users. I need to enforse 2fa usage.

There should be a user-side policy editor. I don't want users to be able to delete connections also. they should be able to change their personal password only (if you don't let users manage their profile, they are not even able to change their password)


What you mean "delete connections" ?

Regards,
mLipok , AutoIt MVP

Did my reply answer your question? Accept it as a solution to help others.
Find this helpful? Say thanks by clicking on the Thumbs Up button.

Posted by cbradley
Electron

Re: Feature suggestion - Force 2 Factor Authentication in Corporate environment

2FA is becoming a requirement for UK public sector bodies as part of Cyber Essentials. Without this we can't commit to using TeamViewer.
Posted by Szienz
Trigon

Re: Feature suggestion - Force 2 Factor Authentication in Corporate environment

Highlighted
Posted by cbradley
Electron

Re: Feature suggestion - Force 2 Factor Authentication in Corporate environment

I'm not sure I understand your response - how do I force users to enable 2FA or check that they have enabled it? Many of my users are off-site.
6 Replies
Posted by Szienz
Trigon

Re: Feature suggestion - Force 2 Factor Authentication in Corporate environment

Sorry, misunderstood your question, this 2FA is on the account site, not for the users receiving support. But they need to provide you with a new password at every session when correctly configured.
Posted by cbradley
Electron

Re: Feature suggestion - Force 2 Factor Authentication in Corporate environment

This also applies for my admins/support team - how do I force them to set up 2FA or check that they've done it?
Posted by Szienz
Trigon

Re: Feature suggestion - Force 2 Factor Authentication in Corporate environment

I work only with a small team, not a forec rule for us. But if you have a large international team of admins, just give teamviewer HQ a call, maybe they can set something up at corporate account level. In my experience, they are very responsive to customer enquiries.

Posted by Moderator Moderator
Moderator

Re: Feature suggestion - Force 2 Factor Authentication in Corporate environment

Hi @cbradley,

Thank you for your post. 

Currently it is not possible to force your team to enable 2FA, yet. 

I forward your idea to my colleagues in the product management :) 

Have a nice day and all the best,
Natascha

Posted by brookharste
Henagon

Re: Feature suggestion - Force 2 Factor Authentication in Corporate environment

Yes, I just need to know our admin's have enabled it. Just a report. A check next to the name in a column that says 2FA? Easy?

Posted by greytuk
Henagon

Re: Feature suggestion - Force 2 Factor Authentication in Corporate environment

Same request from us. We need to be able to enforce all users are using 2FA, and at least in the interim be able to view that end users have enabled this.

It is crazy that this is not available in the Enterprise product...

 

Posted by WannesBoon
Henagon

Re: Feature suggestion - Force 2 Factor Authentication in Corporate environment

Also the same request for us. Is there any progress on this request?

We need to at least be able to see if the administrator users have 2FA enabled. Preferably we need to be able to force the admin users to use 2FA or deny them access if 2FA is not enabled.

I was surprised this isn't already possible since almost every security setting for the TV clients is manageable with policies. I was expecting similar possibilities with policies for the users that are joined to our TV company.

Posted by Moderator Moderator
Moderator

Re: Feature suggestion - Force 2 Factor Authentication in Corporate environment

Hi @WannesBoon 

Thank you for the upvote. 

I will forward your suggestion to my colleagues in the Product Management. 

In the Management Console, you have the possibility to SEE, if someone has TFA enabled or not. 

In the User Management Tab, you have the following view: 2019-11-13 11_15_35-TeamViewer Management Console.png

Hope this could help. Wish you a great day. 

All the best,
Natascha

Posted by MarSal
Digon

Re: Feature suggestion - Force 2 Factor Authentication in Corporate environment

I mean they should not be able to delete the connection logs. If you let them full permissions on their profile they will be able to also change the setting that will allow connection report deletion.

If you don't allow profile modification, users will not be able to enable 2FA