UPDATE MARCH 12: We’re pleased to confirm the enhancements highlighted below are now available to all customers.
Last week’s release also included an update to the username dropdown menu that shows at the top-right of the screen: a user can now revoke 2FA ‘trusted devices’ themselves from this menu, and they can view and edit their first and last name by clicking on ‘Edit Your Details’.
We’re pleased to let you know we’ll be releasing a set of security related updates in the coming days that are designed to give you more options and flexibility with regards to security settings at account and user level, and to also make RMM’s important security settings a little easier to use.
Here’s what’s coming:
- 2FA “Trusted Devices”: Enable this option on your work computer so you don’t have to enter the 2FA passcode each time you log in. It remembers your setting for 14 days at a time. This feature is already live so you can start to take advantage straight away.
- Revoke trusted devices: Undo the trusted devices option in the event you need to cancel this setting.
- Select your preferred security setting for using the remote access tools: Soon you’ll be able to choose between 2FA or IP Address Verification as your security setting in order to use Take Control and Remote Background Management in RMM:
- You can make 2FA optional instead of required for using Take Control and Remote Background Management with this new setting:
These enhancements follow on from the recent update to provide more information in the ‘Approved IP Addresses’ table to help you manage white listed IP addresses more effectively. We’ll also start to store new IP addresses added via email verification with the /32 subnet instead of the /24 subnet, which narrows it down to a specific IP address instead of a range.
Taken all together, it means you now have more choice and flexibility, while retaining an appropriately high level of dashboard security:
- Log in with both 2FA and IP Address Verification. The fullest level of security.
- Log in with 2FA only: switch IP Address Verification off in the Manage Users dialog for users who have 2FA turned on. Suitable for users who often work from different locations.
- Log in with IP Address Verification only, with 2FA optional: enable this option for your account under security settings. Useful for scenarios where phone or browser-based 2FA is not practical, e.g. when working inside restricted access areas. You have the option to make 2FA required for some users while exempting others, via the user-level settings in the User Accounts dialog.
We’re excited to bring you this update, offering appropriate, high-level security for your day to day operations, while adding greater flexibility and convenience for your users. We’ll confirm in a future post once the update has been made available everywhere.