Configuring multifactor authentication

Edit online

Protect your IBM® Storage Defender® user account from security vulnerabilities by configuring multifactor authentication.

About this task

Multifactor authentication (MFA) provides an extra layer of account protection by requiring all users to verify their identity by using more than one authentication method. When you log in to IBM Storage Defender for the first time, you must configure MFA by setting up at least one additional verification method in addition to your IBMid. Every time you log in to IBM Storage Defender, you are required to authenticate by using two different verification methods.

Considerations when configuring MFA:
  • The MFA prompt frequency cannot be modified or scheduled.
    • All user accounts are required to log in by using MFA for every session.
    • When your user authentication token expires (every 60 minutes), you will be prompted to reauthenticate.
    • After you access the MFA settings page, you might be prompted to reauthenticate.
  • Your IBM Storage Defender user account is associated with your IBMid, but profile settings for your IBMid user account and your IBM Storage Defender user account are maintained and controlled separately. In your IBMid profile, you can optionally configure additional MFA verification methods that are specific for your IBMid user account, but those IBMid MFA verification methods are not used to authenticate your IBM Storage Defender user account.
    • MFA verification methods for your IBMid and for your IBM Storage Defender user account are controlled separately.
      • (Optional) To configure MFA for your IBMid, go to your IBMid profile and click the Profile tab.
      • (Required) To configure MFA for IBM Storage Defender, follow the procedure on this page.
    • If MFA is configured for both your IBMid account and your IBM Storage Defender account, MFA requirements for both accounts are enforced separately and you might be prompted to authenticate by using MFA for both accounts every time you are prompted to reauthenticate.

Procedure

To update the multifactor authentication verification methods for your IBM Storage Defender user account, complete the following steps:
  1. Go to https://storage-defender.ibm.com.
  2. On the Welcome page, click Log in.
  3. On the IBM Security Verify page, sign in by using your IBMid and an alternative verification method that you already configured. Two-step verification is required.
  4. On the Data Resiliency Service home page, click the User Profile User profile icon icon from the menu bar and select Profile from drop-down list. The Profile page is displayed.
  5. To configure your MFA verification methods, click the MFA settings tile. The IBM Security Verify page opens in a new browser window.
    1. To add a verification method, click Add new method + and follow the browser prompts. You can choose from the following verification methods:
      IBM Security® Verify app
      Allows you to verify with a simple tap on your iOS or Android device by using the IBM Security Verify app.
      Authenticator app
      Allows you to verify by using a time-based, one-time (TOTP) access code that is generated by using an authenticator app on your smartphone or tablet.
      Email
      Allows you to receive a one-time access code that is sent to your email address.
    2. To modify an existing verification method, click the Actions icon icon next to the verification method that you want to delete, disable, modify, or test.