This article is for:
- Org Security Admins
Wdesk allows administrators to set up two-factor authentication for users. This feature enables an extra layer of security for your account, reducing compromised passwords, phishing, and malware attacks, by requiring users to enter a PIN and a one-time passcode. By entering a user defined PIN and verification code within the password field, the user identity has been verified with two different forms of identification.
The two-factor authentication solution implements a one-time passcode generator for mobile platforms or a web application. One-time passcodes are generated using open standards developed by the Initiative for Open Authentication (OATH).
Note: Two-factor authentication works with Google Auth, Microsoft Auth, Duo, and Okta Verify even though documentation states Google Authenticator.
Administration Setup
To find the Admin panel to enable two-factor authentication, access your account, select your name in the bottom left corner of the Home screen, and then click Classic Account Admin under Classic Wdesk. 
Note: An Admin must be an Organization Security Admin as well as a Workspace Owner and Editor. These articles provide more insight on Organization roles and Workspace roles.
Wdesk allows two-factor authentication to be enabled for:
- All users
- Specific users
Enable for all users
Follow these steps to enable two-factor authentication for all users within the Classic Admin page:
- Select People at the top of your screen
- Check the box in the top left corner of the items list to select all users
- Click the More drop-down in the middle of the screen and then select Enable two-factor auth
- On the following pop-up window, confirm that you would like to enable two-factor authentication
- Click Enable two-factor auth
Enable for specific users
You may also choose to set up two-factor for a specific user.
Follow these steps to set up two-factor authentication for individual users:
- Select the People tab at the top of your screen
- Check the box to the left of a specific user
- Click the More drop-down to the right of this user and then select Enable two-factor auth
- On the following pop-up window, confirm that you would like to enable two-factor authentication
- Click Enable two-factor auth
Notification
Once two-factor authentication has been enabled for all users or specific users, they will receive the following email. 
Note: The email that is sent will expire after 5 hours, however, it can be resent by an Admin.
User setup
Org Security Admins will direct users to complete the following steps outlined in the email:
- Download the appropriate authentication application to your device
Note: Two-factor authentication works with Google Auth, Microsoft Auth, Duo, and Okta Verify even though documentation states Google Authenticator.
- Click on the first link within the email
- Enter your Wdesk username, create and confirm a PIN, and then click Continue
- After entering your pin, you will receive a QR (quick response) code
- Scan the QR code with the mobile application to establish two-factor authentication on the device, or use the Key for the Google Authenticator web application and configuration is complete
Set up using Google Authenticator web application
If your policy dictates users should not use their mobile device for two-factor authentication, they can establish two-factor on the Google Authenticator web application.
Note: Google Authenticator Web App works with cookies stored in the browser, so if those are cleared, the user will lose their two-factor configuration in the web app.
Org Security Admins will direct users to follow the instructions below to use the Google Authenticator web application for setup:
- Open a browser window and navigate to: https://app.wdesk.com/gauth/
- Click the + to add a two-factor authentication account
- Enter an account name (just for the user's reference) and then enter a Key (which is found during two-factor setup)
- Click Add to establish the two-factor authentication account in the Google Authenticator web application.
- To authenticate, enter your Wdesk Username
- In the Password field, enter your pin, for example “1234”, and the authentication code from the Google Authenticator web app, so password would be 1234210826
Additional Resources: Troubleshooting Two-Factor Authentication