Two Factor Authentication for TopLeft

TopLeft supports 2FA with Time-Based One Time Password (TOTP) generators. Two recommended ones are Google Authenticator (Android, Apple), and Authy (Android, Apple)

If you have 2FA enabled for your PSA you might consider enabling it for TopLeft as well to increase your security.

Enable Two Factor Authentication

The 2FA management options are located in your account dropdown menu. From this panel you can enable 2FA for your account, and set up backup tokens.

Follow the instructions of the setup wizard to finish securing your account.

 

Backup Tokens

Backup tokens can be used when your one-time password application isn't available. This is useful if your phone is lost, or destroyed, and you need to access your account. You can generate tokens from the 2FA management options.

You need to generate new tokens before they can be used.

  1. Access the 2FA management options
  2. Click "Show Codes"
  3. Click "Generate Tokens"
  4. Print these tokens, and keep them somewhere safe, and hidden.

 

Disable Two Factor Authentication

  1. To disable 2FA from your account, open your account dropdown menu and click "Two Factor Authentication".
  2. Click the "Disable Two Factor Authentication" button.
  3. Click the checkbox to confirm that you are disabling 2FA for your account.

 

 

Reset Two Factor Authentication Device

If you have lost your 2FA device, you can have an administrator disable 2FA for your account so that you can add a new 2FA device. To remove 2FA from a TopLeft user account, follow the steps below. You must have administrator privileges to perform these steps.

  1. From the main menu in TopLeft, click Admin > Administration.
  2. Scroll to the bottom of the page and click TOTP devices.
  3. Click the name of the user whose 2FA device you want to remove.
  4. Scroll to the bottom of the page and click Delete.

The user's 2FA has now been disabled. They will now be able to login into TopLeft without entering a 2FA token. Follow the steps above to add a new 2FA device.

 

2FA Required Mode

Admins have the option to require 2FA before users can access TopLeft boards.

When in this mode, users can not access any boards without first enabling 2FA for their accounts. They will be redirected to an access denied message, and a prompt to enable 2FA will be displayed.

  1. Open the Admin dropdown from the nav menu
  2. Click 'Options'
  3. Find 'SECURITY_TWO_FACTOR_AUTH_REQUIRED_MODE'
  4. Check the box to enable and hit save

 

To see which users have enabled 2FA view the list of users from the admin options.

  1. Open the Admin dropdown from the nav menu
  2. Click 'Administration'
  3. At the very bottom click 'Users'

A green checkmark under the 'ENABLED 2FA' column indicates that the user has enabled 2FA with at least 1 device.

 

  • 0 Users Found This Useful
Was this answer helpful?

Related Articles

TopLeft Kanban Board Ideas for MSPs

Need inspiration for your TopLeft Kanban boards? Here are a few examples of Kanban boards that...

Ranking Cards

Visualizing work priority is a key concept in Kanban. TopLeft makes it easy to view and change...

Moving Cards Between Columns

The status of a ticket or stage of an opportunity is shown by the column it's in. You can change...

Understanding Data Synchronization

TopLeft displays tickets and opportunities from ConnectWise Manage and keeps its own copy of...

Creating Notes on Tickets and Tasks for Autotask

Please note: Note impersonation is not available in TopLeft yet. The note will appear as created...