I agree - the server needs to be protected. But I believe both versions are required, and I can't believe this post was started in 2016, and the feature is still not implemented or even agreed upon. The first thing hackers will do, when they compromise our business, is to find an admin workstation and work his way forward from there. I have the Veeam console installed, so having MFA on the server itself is not secure enough, when everyone with access to my workstation can access Veeam through the console and encrypt all our backups with an unknown password with Veeams own encryption feature, or simply delete them entirely.Gostev wrote: ↑Dec 22, 2020 10:39 pm Please see my response above. If you want the real protection against malicious actors, you need to secure the entire backup server with something like Duo (which is super easy to implement, and is free for up to 10 users). More importantly, it will provide the real protection, and not just the feeling of it from seeing 2FA on the console: "I have 2FA on the console so my backups must be safe".
We need this feature ASAP. And as someone else suggested in the thread, RADIUS support would be great, because then we can utilize the Azure MFA plugin for NPS, and thereby use our existing MFA solution. But a simple SMS would also do the trick.
/Rasmus