Documentation forSolarWinds Service Desk

Multi-Factor Authentication - User Experience

On this page

Login policy

Your login policy establishes the rules around your users loging into SWSD. Your login policy establishes the type of user authentication required, and your password policy. See Login policy for more information.

Incomplete authentication process

If at any time a user is unable to complete the login authentication process due to a change in phone number or an unexpected error, an administrator can reset the MFA setup via the button in the user index.

Single sign-on and multi-factor authentication

Security of your data is essential. Therefore, if your organization is already using Single Sign-On (SSO) as your authentication process, you can integrate the SSO feature with your SolarWinds Service Desk. (SSO vendors usually offer built-in MFA support, therefore SSO will supercede MFA authentication). However, the SolarWinds MFA is a highly secured login option for customers not currently utilizing SSO and does not require the services of any additional vendors.

Additional utilization of MFA would be for external users. Even if your internal team identifies upon login via SSO, if you work with outside contractors as well, they can safely login to the SolarWinds Service Desk via MFA and would not require an SSO account.

MFA user experience

After the administrator activates the MFA process, upon first login, the user will be prompted on the user desktop and any mobile devices utilizing the Service Desk application:

  1. The user is informed of the new authentication step and asked to enter a mobile number

  2. A code is sent to the mobile number provided and the user must enter the code (PLEASE NOTE: the code is only valid for 30 minutes, after which a new code is required)

  3. A second authentication option is via Google Authenticator, simply scan the QR code and enter the verification code provided

  4. Users will be prompted to authenticate on mobile devices as well

  5. After initial user setup of the MFA process, the user will select which method to receive a verification code.

When a user updates their mobile number on the User profile page, and MFA is active, there is a Verify button to authenticate the phone number via MFA.

Password policy

You can utilize this feature to modify your password policies, to achieve the desired security settings for your user base.

These password policies are designed for native login only. If you are utilizing a Single Sign-on (SSO) provider, your SSO policy will supersede these password policies.

You can determine the complexity of the passwords used by both requesters and users that fall under ‘non-requesters.’

For example: 

  • Minimum number of characters (should be at least 8 characters or more)

  • Mixed capitalization

  • and include at least one number

In addition to password complexity, you can also define:

  • Password expiration timeline

  • Maximum number of invalid login attempts

  • Session timeout policies

Related topics

Login history