{"id":84405,"date":"2023-06-05T13:10:42","date_gmt":"2023-06-05T17:10:42","guid":{"rendered":"https:\/\/jumpcloud.com\/?post_type=support&#038;p=84405"},"modified":"2024-11-15T11:57:16","modified_gmt":"2024-11-15T16:57:16","slug":"enable-totp-mfa-for-devices","status":"publish","type":"support","link":"https:\/\/jumpcloud.com\/support\/enable-totp-mfa-for-devices","title":{"rendered":"Enable TOTP MFA for Devices"},"content":{"rendered":"\n<p>JumpCloud gives organizations the power to layer Multi-Factor Authentication (MFA) on top of nearly any resource you need to secure: Windows, Mac, Linux, applications, networks, infrastructure and more.<\/p>\n\n\n\n<div class=\"wp-block-cgb-notification-card-wysiwyg notification-card tip\"><div class=\"notification-card-content\"><div class=\"notification-card-icon\"><p><img decoding=\"async\" src=\"\/wp-content\/themes\/jumpcloud\/assets\/images\/gutenberg-blocks\/tip-icon.png\" \/><\/p><\/div><div class=\"notification-card-copy is-type-body-default\"><div><strong class=\"notification-card-type\">Tip:<\/strong> \n<p>If you&#8217;d like to use the JumpCloud Protect Push MFA mobile app for your MFA needs, see <a href=\"https:\/\/jumpcloud.com\/support\/configure-push-mfa\" target=\"_blank\" rel=\"noreferrer noopener\">Configure Push MFA<\/a> and <a href=\"https:\/\/jumpcloud.com\/support\/jumpcloud-protect-for-end-users\" target=\"_blank\" rel=\"noreferrer noopener\">Users: JumpCloud Protect<\/a> to learn more.<\/p>\n <\/div><\/div><\/div><\/div>\n\n\n\n<p><strong>Prerequisites<\/strong>:<\/p>\n\n\n\n<ul>\n<li>Configure TOTP MFA for user accounts first. See\u00a0<a href=\"https:\/\/jumpcloud.com\/support\/configure-totp-mfa-for-user-accounts\" target=\"_blank\" rel=\"noreferrer noopener\">Configure TOTP MFA for User Accounts<\/a> to learn more.<\/li>\n<\/ul>\n\n\n\n<p><strong>Considerations<\/strong>:&nbsp;<\/p>\n\n\n\n<ul>\n<li>When TOTP MFA is enabled on a device, only users who have completed setup&nbsp;are&nbsp;prompted for TOTP MFA when they log in to the device.<\/li>\n\n\n\n<li>See individual considerations for each OS, listed below.<\/li>\n<\/ul>\n\n\n\n<div class=\"wp-block-cgb-notification-card-wysiwyg notification-card note\"><div class=\"notification-card-content\"><div class=\"notification-card-icon\"><p><img decoding=\"async\" src=\"\/wp-content\/themes\/jumpcloud\/assets\/images\/gutenberg-blocks\/note-icon.png\" \/><\/p><\/div><div class=\"notification-card-copy is-type-body-default\"><div><strong class=\"notification-card-type\">Note:<\/strong> \n<p>Internet connectivity isn&#8217;t required to use TOTP MFA on devices.<\/p>\n <\/div><\/div><\/div><\/div>\n\n\n\n<p>Before you can require your\u00a0users to use TOTP MFA to log into their JumpCloud device, you have to complete two procedures:\u00a0<\/p>\n\n\n\n<ol>\n<li><a href=\"#enabling-totp-mfa-at-the-org-level\">Enable TOTP MFA at the org level<\/a><\/li>\n\n\n\n<li><a href=\"#enabling-totp-mfa-for-your-devices\">Enable TOTP MFA on the devices<\/a><\/li>\n<\/ol>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"enabling-totp-mfa-at-the-org-level\">Enabling TOTP MFA at the Org Level<\/h2>\n\n\n\n<p><strong>To enable TOTP MFA at the org level:<\/strong><\/p>\n\n\n\n<ol>\n<li>Log in to the <a href=\"https:\/\/console.jumpcloud.com\/login\" target=\"_blank\" rel=\"noreferrer noopener\">JumpCloud Admin Portal<\/a>.<\/li>\n\n\n\n<li>Go to\u00a0<strong>SECURITY MANAGEMENT &gt; MFA Configurations<\/strong>.<\/li>\n\n\n\n<li>Under the Time-based One Time Password window, click&nbsp;<strong>Enable<\/strong>.<\/li>\n<\/ol>\n\n\n\n<p>Any device in your org for which MFA has been enabled will now require TOTP MFA. Enable MFA on the devices manually by following the steps below.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"enabling-totp-mfa-for-your-devices\">Enabling TOTP MFA for Your Devices<\/h2>\n\n\n\n<p><strong>To enable TOTP MFA on your devices:<\/strong><\/p>\n\n\n\n<ol>\n<li>Log in to the <a href=\"https:\/\/console.jumpcloud.com\/login\" target=\"_blank\" rel=\"noreferrer noopener\">JumpCloud Admin Portal<\/a>.<\/li>\n\n\n\n<li>Go to&nbsp;<strong>DEVICE MANAGEMENT &gt; Devices<\/strong>.&nbsp;<\/li>\n\n\n\n<li>Select the checkbox next to the devices you want to enable TOTP MFA on.\u00a0<\/li>\n\n\n\n<li>Click the <strong>Actions<\/strong> dropdown menu, and select\u00a0<strong>Enable MFA<\/strong>.\u00a0<\/li>\n\n\n\n<li>Click\u00a0<strong>Enable<\/strong> to confirm. <\/li>\n\n\n\n<li>To disable MFA, follow the steps above but select <strong>Disable MFA<\/strong> instead.<\/li>\n<\/ol>\n\n\n\n<p>Once devices are enabled, users need to be enabled and they need to enroll in TOTP MFA. See <a href=\"https:\/\/jumpcloud.com\/support\/configure-totp-mfa-for-user-accounts\" target=\"_blank\" rel=\"noreferrer noopener\">Configure TOTP MFA for User Accounts<\/a> to learn more.\u00a0<\/p>\n\n\n\n<p>See these articles to learn more about enabling TOTP MFA for individual devices:<\/p>\n\n\n\n<ul>\n<li><a href=\"#enable-totp-mfa-for-linux\">Enable&nbsp;TOTP MFA Linux SSH<\/a><\/li>\n\n\n\n<li><a href=\"#enable-mfa-for-mac\">Enable&nbsp;TOTP MFA for Mac<\/a><\/li>\n\n\n\n<li><a href=\"#enable-mfa-for-windows\">Enable&nbsp;TOTP MFA for Windows<\/a><\/li>\n<\/ul>\n\n\n\n<div class=\"wp-block-cgb-notification-card-wysiwyg notification-card tip\"><div class=\"notification-card-content\"><div class=\"notification-card-icon\"><p><img decoding=\"async\" src=\"\/wp-content\/themes\/jumpcloud\/assets\/images\/gutenberg-blocks\/tip-icon.png\" \/><\/p><\/div><div class=\"notification-card-copy is-type-body-default\"><div><strong class=\"notification-card-type\">Tip:<\/strong> \n<p>To see your users&#8217; experience when logging in with TOTP, see <a href=\"https:\/\/jumpcloud.com\/support\/jumpcloud-protect-for-end-users\" target=\"_blank\" rel=\"noreferrer noopener\">JumpCloud Protect for End Users<\/a>.<\/p>\n <\/div><\/div><\/div><\/div>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"enable-totp-mfa-for-linux\">Enable TOTP MFA for Linux<\/h3>\n\n\n\n<p><strong>Considerations<\/strong>:<\/p>\n\n\n\n<ul>\n<li>If it\u2019s not already installed by default, an Admin will\u00a0need to install an OpenSSH server\u00a0for the specific case where they intend to require MFA to log in via SSH. If you want to require MFA for\u00a0SSH logins, ensure openssh-server is installed before installing the JumpCloud agent.<\/li>\n\n\n\n<li>Gnome GDM is recommended. MFA may not work as intended using other Linux greeters.<\/li>\n<\/ul>\n\n\n\n<p><strong>To enable MFA for SSH on a Linux system<\/strong>:<\/p>\n\n\n\n<ol>\n<li>Log in to the <a href=\"https:\/\/console.jumpcloud.com\/login\" target=\"_blank\" rel=\"noreferrer noopener\">JumpCloud Admin Portal<\/a>.<\/li>\n\n\n\n<li>Go to&nbsp;<strong>DEVICE MANAGEMENT &gt; Devices<\/strong>.<\/li>\n\n\n\n<li>Click on a Linux\u00a0device to see it&#8217;s details.<\/li>\n\n\n\n<li>Under <strong>Device Configuration<\/strong>, if <strong>MFA Login<\/strong> is toggled off to disabled, toggle <strong>Allow SSH Password Login<\/strong> or <strong>Enable Public Key Authentication<\/strong> on. If both options are toggled on, MFA can&#8217;t be enabled.<\/li>\n\n\n\n<li>Click<strong> MFA Login Disabled<\/strong> to toggle it on.<\/li>\n\n\n\n<li>Click <strong>Save Device<\/strong>.<\/li>\n<\/ol>\n\n\n\n<div class=\"wp-block-cgb-notification-card-wysiwyg notification-card tip\"><div class=\"notification-card-content\"><div class=\"notification-card-icon\"><p><img decoding=\"async\" src=\"\/wp-content\/themes\/jumpcloud\/assets\/images\/gutenberg-blocks\/tip-icon.png\" \/><\/p><\/div><div class=\"notification-card-copy is-type-body-default\"><div><strong class=\"notification-card-type\">Tip:<\/strong> \n<p>You can enable MFA for multiple devices from the Devices tab by clicking <strong>more actions<\/strong> and choosing <strong>Enable MFA<\/strong>.<\/p>\n <\/div><\/div><\/div><\/div>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"enable-mfa-for-mac\">Enable MFA for Mac<\/h3>\n\n\n\n<p><strong>Considerations<\/strong><\/p>\n\n\n\n<ul>\n<li>Don&#8217;t enable TOTP MFA for OS X if the device is already using or has configured another MFA service or authentication plug-in. Doing so could cause adverse results, like not being able to access the device.<\/li>\n\n\n\n<li>TOTP MFA only affects the OS login screen. FileVault decryption, screen saver, lock screen, etc. aren&#8217;t affected by this setting.<\/li>\n\n\n\n<li>Devices that run macOS 12 Monterey on devices with small display areas might experience issues. MacOS Monterey has reduced the size of the login window for all MFA logins, including TOTP and Push. If your macOS Monterey device has a display that is less than 900 px in height, you might experience a display overlap between the login area and the policy text that is displayed on the screen. There is no workaround, and JumpCloud suggests that you use a macOS device with a vertical display that is more than 900 px high.<\/li>\n<\/ul>\n\n\n\n<p><strong>To enable MFA for a Mac Device<\/strong>:<\/p>\n\n\n\n<ol>\n<li>Log in to the <a href=\"https:\/\/console.jumpcloud.com\/login\" target=\"_blank\" rel=\"noreferrer noopener\">JumpCloud Admin Portal<\/a>.<\/li>\n\n\n\n<li>Go&nbsp;to&nbsp;<strong>DEVICE MANAGEMENT&nbsp;<\/strong>&gt;<strong>&nbsp;Devices<\/strong>.&nbsp;<\/li>\n\n\n\n<li>Check the box next to the Mac device that you want to view&nbsp;<strong>Details<\/strong>&nbsp;for.&nbsp;<\/li>\n\n\n\n<li>Click on the\u00a0<strong>Actions<\/strong>\u00a0dropdown menu and select\u00a0<strong>Enable MFA<\/strong>\u00a0or\u00a0<strong>Disable MFA<\/strong>.<\/li>\n\n\n\n<li>Click\u00a0<strong>Enable<\/strong> to confirm you&#8217;re enabling MFA on your selected device. <\/li>\n\n\n\n<li>The&nbsp;<strong>MFA Status<\/strong>&nbsp;column is updated with a green lock icon.<\/li>\n\n\n\n<li>You can disable MFA from the selected device&#8217;s&nbsp;<strong>Details<\/strong>&nbsp;page on the <strong>Highlights<\/strong> tab &gt; <strong>Device Configuration<\/strong>, toggle&nbsp;<strong>MFA Login Enabled<\/strong> to&nbsp;<strong>MFA Login Disabled<\/strong>.<\/li>\n\n\n\n<li><strong>Save Device<\/strong>.<\/li>\n\n\n\n<li>After you enable MFA for a&nbsp;device, users will see a modified login window that prompts for a TOTP token.<\/li>\n<\/ol>\n\n\n\n<div class=\"wp-block-cgb-notification-card-wysiwyg notification-card tip\"><div class=\"notification-card-content\"><div class=\"notification-card-icon\"><p><img decoding=\"async\" src=\"\/wp-content\/themes\/jumpcloud\/assets\/images\/gutenberg-blocks\/tip-icon.png\" \/><\/p><\/div><div class=\"notification-card-copy is-type-body-default\"><div><strong class=\"notification-card-type\">Tip:<\/strong> \n<p>You can enable MFA for multiple devices from the Devices tab by clicking <strong>more actions<\/strong> and choosing <strong>Enable MFA<\/strong>.<\/p>\n <\/div><\/div><\/div><\/div>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"enable-mfa-for-windows\">Enable MFA for Windows<\/h3>\n\n\n\n<p><strong>Considerations<\/strong>:<\/p>\n\n\n\n<ul>\n<li>MFA is only supported and functional for Windows 10 and above.<\/li>\n\n\n\n<li>JumpCloud MFA employs the use of a credential provider. When MFA is enabled on a Windows system, and a user that is required to use MFA is bound to the system, all other Windows credential providers are disabled.<\/li>\n\n\n\n<li>To ensure systems can be recovered when users have issues logging in, MFA can be bypassed by booting a Windows system in safe mode. You can prevent non-admin users from logging in to Windows systems in safe mode by setting the&nbsp;<strong>HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\System\\SafeModeBlockNonAdmins<\/strong>&nbsp;registry to <strong>1<\/strong>.&nbsp;<\/li>\n\n\n\n<li>A TOTP token is only required when a user initially logs in to their JumpCloud-managed Windows system. When a user locks their screen, they aren\u2019t required to enter a TOTP token to unlock their system.<\/li>\n\n\n\n<li>Newer versions of Windows have the configurable option to keep users logged in through a reboot. The default setting for this option is to keep users logged in. As a result, users of computers with this option enabled aren&#8217;t required to provide a TOTP token after a reboot.<\/li>\n\n\n\n<li>Users must have a TOTP app to generate TOTP tokens. JumpCloud recommends using <a href=\"https:\/\/jumpcloud.com\/support\/jumpcloud-protect-for-admins\" target=\"_blank\" rel=\"noreferrer noopener\">JumpCloud Protect<\/a>.<\/li>\n\n\n\n<li>TOTP MFA is supported for Remote Desktop. <\/li>\n\n\n\n<li>You may need to disable Windows Automatic Restart Sign-on (ARSO) to force the TOTP authentication prompt on the Windows login screen after a machine reboot. This can be done one of two ways &#8211; via a policy or via a PowerShell command. Jump to <a href=\"#disabling-windows-arso\">Disabling Windows ARSO<\/a>.<\/li>\n<\/ul>\n\n\n\n<p><strong>To enable MFA for a Windows system<\/strong>:<\/p>\n\n\n\n<ol>\n<li>Go&nbsp;to&nbsp;<strong>DEVICE MANAGEMENT&nbsp;<\/strong>&gt;<strong>&nbsp;Devices<\/strong>.&nbsp;<\/li>\n\n\n\n<li>Check the box next to the Windows device that you want to view&nbsp;<strong>Details<\/strong>&nbsp;for.&nbsp;<\/li>\n\n\n\n<li>Click on the\u00a0<strong>Actions<\/strong>\u00a0dropdown menu.\u00a0<\/li>\n\n\n\n<li>Click&nbsp;<strong>Enable MFA<\/strong>&nbsp;or&nbsp;<strong>Disable MFA<\/strong>.<\/li>\n\n\n\n<li>Click\u00a0<strong>Enable<\/strong> to confirm you&#8217;re enabling MFA on your selected device. <\/li>\n\n\n\n<li>The&nbsp;<strong>MFA Status<\/strong>&nbsp;column is updated with a green lock icon.<\/li>\n\n\n\n<li>You can disable MFA from the selected device&#8217;s&nbsp;<strong>Details<\/strong>&nbsp;page on the <strong>Highlights<\/strong> tab &gt; <strong>Device Configuration<\/strong>, toggle&nbsp;<strong>MFA Login Enabled<\/strong> to&nbsp;<strong>MFA Login Disabled<\/strong>.<\/li>\n\n\n\n<li><strong>Save Device<\/strong>.<\/li>\n\n\n\n<li>After you enable MFA for a&nbsp;device, users will see a modified login window that prompts for a TOTP token.<\/li>\n<\/ol>\n\n\n\n<div class=\"wp-block-cgb-notification-card-wysiwyg notification-card tip\"><div class=\"notification-card-content\"><div class=\"notification-card-icon\"><p><img decoding=\"async\" src=\"\/wp-content\/themes\/jumpcloud\/assets\/images\/gutenberg-blocks\/tip-icon.png\" \/><\/p><\/div><div class=\"notification-card-copy is-type-body-default\"><div><strong class=\"notification-card-type\">Tip:<\/strong> \n<p>You can enable MFA for multiple devices from the Devices tab by clicking <strong>Actions<\/strong> and choosing <strong>Enable MFA<\/strong>.<\/p>\n <\/div><\/div><\/div><\/div>\n\n\n\n<p>After you save, TOTP MFA is enabled on the device and users that have been required TOTP MFA and are connected to the system will see a modified login screen that prompts them for a TOTP token.<\/p>\n\n\n\n<h4 class=\"wp-block-heading\" id=\"disabling-windows-arso\">Disabling Windows ARSO<\/h4>\n\n\n\n<p>You may need to disable Windows Automatic Restart Sign-on (ARSO) to force the TOTP authentication prompt in the Windows login screen after a machine reboot. This can be done one of two ways &#8211; via a policy or via a PowerShell command.<\/p>\n\n\n\n<p><strong>To disable Windows ARSO<\/strong> <strong>with a policy<\/strong>:<\/p>\n\n\n\n<p>Create a policy with the following values to disable Windows ARSO:<\/p>\n\n\n\n<ul>\n<li>Registry Key Location: <strong>SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\System<\/strong><\/li>\n\n\n\n<li>Value Name: <strong>DisableAutomaticRestartSignOn<\/strong><\/li>\n\n\n\n<li>Type: <strong>DWORD<\/strong><\/li>\n\n\n\n<li>Data: <strong>1<\/strong><\/li>\n<\/ul>\n\n\n\n<div class=\"wp-block-cgb-notification-card-wysiwyg notification-card important\"><div class=\"notification-card-content\"><div class=\"notification-card-icon\"><p><img decoding=\"async\" src=\"\/wp-content\/themes\/jumpcloud\/assets\/images\/gutenberg-blocks\/important-icon.png\" \/><\/p><\/div><div class=\"notification-card-copy is-type-body-default\"><div><strong class=\"notification-card-type\">Important:<\/strong> \n<p>This registry key (and interface change) will not appear until the device has run through a group policy update cycle. The default group policy update cycle time is every 90 minutes with a randomized offset of up to 30 minutes.<\/p>\n <\/div><\/div><\/div><\/div>\n\n\n\n<p><strong>To disable Windows ARSO with a command:<\/strong><\/p>\n\n\n\n<p>Run the following PowerShell command using the JumpCloud Commands module to disable Windows ARSO:<\/p>\n\n\n\n<div class=\"wp-block-cgb-code-block code-block\"><div class=\"code-block-snippet is-type-body-default\">\n<p>#Get Execution Policy currently<br>$exec_pol = Get-ExecutionPolicy<br>#Set Execution Policy to run script<br>Set-ExecutionPolicy Unrestricted<br># Import JC PoSh module<br>Import-Module &#8220;C:\\Program Files\\JumpCloud\\policies\\JumpcloudPolicies\\JumpcloudPolicies&#8221;<br>$automaticRestartSignOn = @{<br>&nbsp;&nbsp;policypath = &#8216;C:\\Windows\\system32\\GroupPolicy\\Machine\\Registry.pol&#8217;;<br>&nbsp;&nbsp;policykey = &#8216;Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\System&#8217;;<br>&nbsp;&nbsp;policyValuename = &#8216;DisableAutomaticRestartSignOn&#8217;;<br>&nbsp;&nbsp;policyType = &#8216;DWord&#8217;;<br>&nbsp;&nbsp;policyData = &#8216;1&#8217;<br>}<br>install-jcpolicy @automaticRestartSignOn<br>gpupdate \/force<br>Set-ExecutionPolicy $exec_pol<\/p>\n<\/div><\/div>\n\n\n\n<p>To reverse the PowerShell command and remove the local group policy, run the following PowerShell command on the device in JumpCloud Commands:&nbsp;&nbsp;<\/p>\n\n\n\n<div class=\"wp-block-cgb-code-block code-block\"><div class=\"code-block-snippet is-type-body-default\">\n<p># Import JC PoSh module<br>Import-Module &#8220;C:\\Program Files\\JumpCloud\\policies\\JumpcloudPolicies\\JumpcloudPolicies&#8221;$automaticRestartSignOn = @{&nbsp;&nbsp;<br>     policypath = &#8216;C:\\Windows\\system32\\GroupPolicy\\Machine\\Registry.pol&#8217;;&nbsp;&nbsp;<br>     policykey = &#8216;Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\System&#8217;;&nbsp;&nbsp;<br>     policyValuename = &#8216;DisableAutomaticRestartSignOn&#8217;;<br>}<br>uninstall-jcpolicy @automaticRestartSignOn<br>gpupdate \/force<\/p>\n<\/div><\/div>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"viewing-users-mfa-status-on-the-device\">Viewing Users&#8217; MFA Status on the Device<\/h2>\n\n\n\n<p><strong>To determine the TOTP MFA status of&nbsp;users connected to this device<\/strong>:<\/p>\n\n\n\n<ol>\n<li>Go to&nbsp;the&nbsp;<strong>DEVICE MANAGEMENT<\/strong>&nbsp;&gt;&nbsp;<strong>Devices<\/strong>.<\/li>\n\n\n\n<li>Select a&nbsp;device and click the&nbsp;<strong>Users<\/strong>&nbsp;tab..<\/li>\n\n\n\n<li>The user MFA Status is shown in the&nbsp;<strong>MFA:TOTP&nbsp;<\/strong>column.&nbsp;<\/li>\n<\/ol>\n","protected":false},"excerpt":{"rendered":"<p>JumpCloud gives organizations the power to layer Multi-Factor Authentication (MFA) on top of nearly any resource you need to secure: [&hellip;]<\/p>\n","protected":false},"author":206,"featured_media":0,"template":"","meta":{"_acf_changed":false,"_oasis_is_in_workflow":0,"_oasis_original":0,"_oasis_task_priority":"","inline_featured_image":false,"footnotes":""},"support_category":[2852,2908,2854],"support_tag":[],"coauthors":[2842],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v22.9 (Yoast SEO v22.9) - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Enable TOTP MFA for Devices - JumpCloud<\/title>\n<meta name=\"description\" content=\"Learn how to enable TOTP as an MFA factor for devices.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/jumpcloud.com\/support\/enable-totp-mfa-for-devices\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Enable TOTP MFA for Devices\" \/>\n<meta property=\"og:description\" content=\"Learn how to enable TOTP as an MFA factor for devices.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/jumpcloud.com\/support\/enable-totp-mfa-for-devices\" \/>\n<meta property=\"og:site_name\" content=\"JumpCloud\" \/>\n<meta property=\"article:modified_time\" content=\"2024-11-15T16:57:16+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/jumpcloud.com\/wp-content\/uploads\/2024\/07\/202405-MISC-JumpCloudHelpCenter-SiteDisplay-min-2.png\" \/>\n\t<meta property=\"og:image:width\" content=\"890\" \/>\n\t<meta property=\"og:image:height\" content=\"525\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data1\" content=\"8 minutes\" \/>\n\t<meta name=\"twitter:label2\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data2\" content=\"pamkellman\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/jumpcloud.com\/support\/enable-totp-mfa-for-devices\",\"url\":\"https:\/\/jumpcloud.com\/support\/enable-totp-mfa-for-devices\",\"name\":\"Enable TOTP MFA for Devices - JumpCloud\",\"isPartOf\":{\"@id\":\"https:\/\/jumpcloud.com\/#website\"},\"datePublished\":\"2023-06-05T17:10:42+00:00\",\"dateModified\":\"2024-11-15T16:57:16+00:00\",\"description\":\"Learn how to enable TOTP as an MFA factor for devices.\",\"breadcrumb\":{\"@id\":\"https:\/\/jumpcloud.com\/support\/enable-totp-mfa-for-devices#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/jumpcloud.com\/support\/enable-totp-mfa-for-devices\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/jumpcloud.com\/support\/enable-totp-mfa-for-devices#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/jumpcloud.com\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Support\",\"item\":\"https:\/\/jumpcloud.com\/support\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Enable TOTP MFA for Devices\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/jumpcloud.com\/#website\",\"url\":\"https:\/\/jumpcloud.com\/\",\"name\":\"JumpCloud\",\"description\":\"Daily insights on directory services, IAM, LDAP, identity security, SSO, system management (Mac, Windows, Linux), networking, and the cloud.\",\"publisher\":{\"@id\":\"https:\/\/jumpcloud.com\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/jumpcloud.com\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/jumpcloud.com\/#organization\",\"name\":\"JumpCloud\",\"url\":\"https:\/\/jumpcloud.com\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/jumpcloud.com\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/jumpcloud.com\/wp-content\/uploads\/2021\/01\/jc-logo-brand-2021.png\",\"contentUrl\":\"https:\/\/jumpcloud.com\/wp-content\/uploads\/2021\/01\/jc-logo-brand-2021.png\",\"width\":598,\"height\":101,\"caption\":\"JumpCloud\"},\"image\":{\"@id\":\"https:\/\/jumpcloud.com\/#\/schema\/logo\/image\/\"}}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"Enable TOTP MFA for Devices - JumpCloud","description":"Learn how to enable TOTP as an MFA factor for devices.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/jumpcloud.com\/support\/enable-totp-mfa-for-devices","og_locale":"en_US","og_type":"article","og_title":"Enable TOTP MFA for Devices","og_description":"Learn how to enable TOTP as an MFA factor for devices.","og_url":"https:\/\/jumpcloud.com\/support\/enable-totp-mfa-for-devices","og_site_name":"JumpCloud","article_modified_time":"2024-11-15T16:57:16+00:00","og_image":[{"width":890,"height":525,"url":"https:\/\/jumpcloud.com\/wp-content\/uploads\/2024\/07\/202405-MISC-JumpCloudHelpCenter-SiteDisplay-min-2.png","type":"image\/png"}],"twitter_card":"summary_large_image","twitter_misc":{"Est. reading time":"8 minutes","Written by":"pamkellman"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/jumpcloud.com\/support\/enable-totp-mfa-for-devices","url":"https:\/\/jumpcloud.com\/support\/enable-totp-mfa-for-devices","name":"Enable TOTP MFA for Devices - JumpCloud","isPartOf":{"@id":"https:\/\/jumpcloud.com\/#website"},"datePublished":"2023-06-05T17:10:42+00:00","dateModified":"2024-11-15T16:57:16+00:00","description":"Learn how to enable TOTP as an MFA factor for devices.","breadcrumb":{"@id":"https:\/\/jumpcloud.com\/support\/enable-totp-mfa-for-devices#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/jumpcloud.com\/support\/enable-totp-mfa-for-devices"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/jumpcloud.com\/support\/enable-totp-mfa-for-devices#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/jumpcloud.com\/"},{"@type":"ListItem","position":2,"name":"Support","item":"https:\/\/jumpcloud.com\/support"},{"@type":"ListItem","position":3,"name":"Enable TOTP MFA for Devices"}]},{"@type":"WebSite","@id":"https:\/\/jumpcloud.com\/#website","url":"https:\/\/jumpcloud.com\/","name":"JumpCloud","description":"Daily insights on directory services, IAM, LDAP, identity security, SSO, system management (Mac, Windows, Linux), networking, and the cloud.","publisher":{"@id":"https:\/\/jumpcloud.com\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/jumpcloud.com\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/jumpcloud.com\/#organization","name":"JumpCloud","url":"https:\/\/jumpcloud.com\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/jumpcloud.com\/#\/schema\/logo\/image\/","url":"https:\/\/jumpcloud.com\/wp-content\/uploads\/2021\/01\/jc-logo-brand-2021.png","contentUrl":"https:\/\/jumpcloud.com\/wp-content\/uploads\/2021\/01\/jc-logo-brand-2021.png","width":598,"height":101,"caption":"JumpCloud"},"image":{"@id":"https:\/\/jumpcloud.com\/#\/schema\/logo\/image\/"}}]}},"_links":{"self":[{"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/support\/84405"}],"collection":[{"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/support"}],"about":[{"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/types\/support"}],"author":[{"embeddable":true,"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/users\/206"}],"version-history":[{"count":2,"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/support\/84405\/revisions"}],"predecessor-version":[{"id":117630,"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/support\/84405\/revisions\/117630"}],"wp:attachment":[{"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/media?parent=84405"}],"wp:term":[{"taxonomy":"support_category","embeddable":true,"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/support_category?post=84405"},{"taxonomy":"support_tag","embeddable":true,"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/support_tag?post=84405"},{"taxonomy":"author","embeddable":true,"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/coauthors?post=84405"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}