Skip to main content

Windows: Setting Up Multi-Factor Authentication

Your PK Protect System Administrator may require you to confirm each of your devices, including the desktop application, with Multi-Factor Authentication (MFA). This system provides additional security to all the data, as if your password should become compromised, any attacker would also need possession of one or more mobile devices to access the PEM Agent account, and the data protected by it.

If MFA is required on your system, the PEM Agent will notify you. You must connect the PEM Agent to the PK Endpoint Manager Administrator and connect a mobile device for the PEM Agent to protect your data.

Right-click the PEM Agent tray icon and select My Account from the menu.

Click Manage multi-factor authentication on this screen.

The EndUser/MFA screen appears. Click Add TOTP Authenticator

When you click this, the page displays a QR code you can scan with your second device’s camera, or type in an alphanumeric code.

If you have the Google Authenticator on your device, the QR code will launch this authenticator. Enter the code provided by the Authenticator and name your device. Click Save to register the connected device with PEM Administrator.

Manage multi-factor authenticators

Check the device(s) you have registered in the system on the EndUser/MFA page. This page lists all connected devices.

If you lose a connected device, you can Disable it until you find it. You can also Delete a connected device when it is no longer in use.

This information is also listed on this page:

NameName of the paired device
EnabledWhether the device is active in the system. Click the link to Disable the device.
KindIf the authenticator is a certificate or TOTP
Updated AtDate of last authentication
JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.