Escan/english/escan22/eScan Management Console/Policies/Features Help/Administrator Password
Administrator Password
Administrator Password lets you create and change password for administrative login of eScan protection center and Two-Factor Authentication.
eScan Password
It also lets you keep the password as blank, wherein you can login to eScan protection center without entering any password for read-only access.
There is also an option to set a uninstall password. An uninstallation password prevents personnel from uninstalling eScan client from their endpoint. Upon selecting Uninstall option, eScan asks them for uninstall password. To set an uninstall password, select check box Use separate uninstall password.
Two-Factor Authentication
Your default system authentication (login/password) is Single-Factor Authentication which is considered insecure as it may put your organization's data at high risk of compromise. The Two-Factor Authentication, also more commonly known as 2FA, adds an extra layer of protection to your basic system logon. The 2FA feature requires personnel to enter an additional passcode after entering the system login password. So, even if an unauthorized person knows your system credentials, the 2FA feature secures a system against unauthorized logons.
With the 2FA feature enabled, the system will be protected with basic system login and eScan 2FA. After entering the system credentials, eScan Authentication screen (as shown below) will appear. The personnel will have to enter the 2FA passcode to access the system. A maximum of three attempts are allowed to enter the correct passcode. If the 2FA login fails, the personnel will have to wait for 30 seconds to log in again.
To enable the Two-Factor Authentication feature, follow the steps given below:
|
NOTE |
You can enable the 2FA feature for existing Policy Templates by selecting a Policy Template and clicking Properties. Then, follow the steps given below. |
Following window appears.
The Two-Factor Authentication feature gets enabled.
Login Scenarios
The 2FA feature can be used for following all login scenarios:
RDP
RDP stands for Remote Desktop Protocol. Whenever someone takes remote connection of a client's system, the personnel will have to enter system login credentials and 2FA passcode to access the system.
Safe Mode
After a system is booted in Safe Mode, the personnel will have to enter system login credentials and 2FA passcode to access the system.
Local Logon
Whenever a system is powered on or restarted, the personnel will have to enter system login credentials and 2FA passcode to access the system.
Unlock
Whenever a system is unlocked, the personnel will have to enter login credentials and 2FA passcode to access the system.
Password Types
If the policy is applied to a group, the 2FA passcode will be same for all group members.
The 2FA passcode can also be set for specific computer(s).
You can use following all password types to log in:
Use eScan Administrator Password
You can use the existing eScan Administrator password for 2FA login. This password can be set in eScan Password tab besides the Two-Factor Authentication tab.
Use Other Password
You can set a new password which can be combination of uppercase, lowercase, numbers, and special characters.
Use Online Two-Factor Authentication
This option can be enabled for all users or for particular user according to the requirement.
|
NOTE |
Users can be added via Settings > Two-Factor Authentication > Users for 2FA option. |
To use this feature, follow the steps given below:
- Install the Authenticator app from Play Store for Android devices or App Store for iOS devices.
- Open the Authenticator app and tap Scan a barcode.
- Select the check box Use Online Two-Factor Authentication.
- Go to Managed Computers and below the top right corner, click on code for 2FA.
A QR code appears. - Scan the onscreen QR code via the Authenticator app.
A Time-based One-Time Password (TOTP) appears on smart device. - Forward this TOTP to personnel for login.
Advanced Setting
Clicking Advanced Setting displays Advance setting.
Enable Automatic Download (1 = Enable/0 = Disable)
It lets you Enable/Disable Automatic download of Antivirus signature updates.
Enable Manual Download (1 = Enable/0 = Disable)
It lets you Enable/Disable Manual download of Antivirus signature updates
Enable Alternate Download (1 = Enable/0 = Disable)
It lets you Enable/Disable download of signatures from eScan (Internet) if eScan Server is not reachable.
Set Alternate Download Interval (In Hours)
It lets you define time interval to check for updates from eScan (Internet) and download it on managed computers.
Disable download from Internet for Update Agents (1 = Enable/0 = Disable)
Selecting this option lets you disable Update Agents from downloading the virus signature from internet.
Stop Auto change for download from Internet for Update Agents (1 = Enable/0 = Disable)
This option is used when an Update Agent didn't find the primary server to download virus signature, then it tries to get virus signature from internet, so to stop Update Agent from downloading from internet this option is to be set to 1(one).
Enable Download of Anti-Spam update first on clients (1 = Enable/0 = Disable)
Normally while updating a system for virus signatures, we first download the anti-virus signature and then anti-spam signature. This option lets you first download Anti-spam updates on clients.
No password for pause protection
Selecting this option lets you pause the eScan protection without entering password.