2FA/MFA - Two Factor Authentication

2FA/MFA - Two Factor Authentication

Enabling 2FA for your account enhances security for operators accessing your data. ScoutDNS supports token-based 2FA, which can be enforced for all operators with account access. Once enabled, operators must authenticate using a token sent to the email associated with their user ID. Super Admins can toggle 2FA on or off in the Access Management screen.

The 2FA toggle switch is located in the upper-right corner of the Access Management settings and is visible only to Super Admin users.




Once enabled, any operator with account access must authenticate using a six-digit token sent to their email. Operators can elect to Trust Device to bypass token authentication for 30 days, after which they will be required to enter a new token at their next login.

Info
If an operator has access to multiple ScoutDNS accounts, the token is valid for all accounts with 2FA enabled. They will not be prompted to enter a new token as long as their current session remains active.




    • Related Articles

    • Single Sign On (SSO) Configuration - Entra ID

      Entra ID SSO Enabling Single Sign On (SSO), allows admins to manage access for their instance through Entra ID SSO. ScoutDNS uses the Open ID Connect (OIDC) protocol for secure commination with Entra ID. SSO will disable all existing ScoutDNS ...
    • Working with Whitelist and Blacklist

      At times, it may be helpful to fully block or allow a domain based on your desired outcome. The White/Black List tab allows you to create and manage custom block and allow lists. You can associate these lists with all policies (global) or assign them ...
    • Organizations - Configuration and Management of Multi-Tenant Use

      ScoutDNS provides two levels of tenancy. The primary inherent level allows any operator to be a member of any number of accounts and have different roles depending on each account's settings. The second level, enabled through the Organizations tab, ...
    • API Access

      API access is available for certain account types, allowing admins to self-manage API tokens for the standard ScoutDNS Operator API. This help article covers the Public Operator API. For access to other APIs, such as the OEM API, please contact ...
    • Configure Custom Block Pages

      Admins can edit the default block page and create multiple custom block pages for end users. Block pages are rendered through our block page service engine. Custom block pages can be assigned to WANs under Sites and to Roaming Clients on the Profile ...
    • Popular Articles

    • Working with Whitelist and Blacklist

      At times, it may be helpful to fully block or allow a domain based on your desired outcome. The White/Black List tab allows you to create and manage custom block and allow lists. You can associate these lists with all policies (global) or assign them ...
    • Quick Start Setup Guide - WAN Forwarding

      There are three methods you can use to protect your networks and users with ScoutDNS: 1) WAN Forwarding – This method involves configuring ScoutDNS with your WAN IP address and forwarding DNS queries from inside your network to our anycast resolver ...
    • Content Categories

      Below is a list of Content Categories and their descriptions. Adult Abortions These are sites that present arguments either in favor of or against abortion. This includes information on abortion procedures, sites that offer assistance in obtaining ...
    • Mixing DNS Providers

      It is generally not recommended to mix DNS providers. Most routers and systems randomly select which DNS server receives each packet, which can lead to issues with filtering and reporting due to mixed rules in the system cache. To avoid these ...
    • Dynamic IP Setup

      ScoutDNS supports dynamic DNS IP address integration with most dynamic DNS providers. Popular Dynamic DNS solutions include: No-IP ChangeIP DynDNS FreeDNS Once you have an account with one of these or a similar solution, you can configure ScoutDNS to ...
    • Recent Articles

    • Applications Categories - Zero Trust App Management

      The ScoutDNS Application Policy sub-tab lets you block whole groups of web applications while still allowing specific apps through an allow list. It covers tens of thousands of domains and supports a zero-trust security approach. For example, you can ...
    • Configure Entra ID based Policies

      ScoutDNS supports policy enforcement by user groups synced from Entra ID (formerly Azure AD). This is useful when admins want policy decisions to follow the user regardless of the device or device profile in use. This guide explains how ScoutDNS ...
    • Setup and Use Guide for MSPs

      ScoutDNS is built for Managed Service Providers (MSPs) to deliver robust DNS protection to their customers and end users. Setup is straightforward, thanks to our object-based configuration approach. Here is a brief outline of what this guide covers. ...
    • Configure AD (Active Directory) Policies

      ScoutDNS supports policy enforcement by user groups synced from Active Directory. This is useful when admins want policy decisions to follow the user regardless of the device or device profile in use. This guide explains how ScoutDNS syncs with ...
    • Configurable Objects and Their Associations

      ScoutDNS is designed with an object-based configuration model to simplify management and large-scale deployment. In this article, we will explore the various configurable objects and their associations. Allow/Block List Allow/Block List Description ...