Users and Trusted Devices for Two-Factor Authentication

Note:

The NetSuite feature that required RSA SecurID tokens is no longer available for purchase. Customers requiring 2FA for account access should use the 2FA solution built in to NetSuite.

Users with 2FA authentication required roles can specify devices as trusted when logging in to the 2FA role. Marking a device as trusted works in conjunction with the value specified by the Administrator in the Duration of Trusted Device column for a particular role.

For example, a role has been designated as 2FA required, and the value for Duration of Trusted Device has been set to 30 days. The next time a user with this role logs in, they can choose whether to check the Trust this device box.

In cases where a user has access to more than one company, and the user’s role is 2FA authentication required, marking a device as trusted makes that device trusted across all companies to which the user has access.

2FA login page including the trust this device box.

The user is in complete control of whether devices are considered trusted. In this example, the user could check the Trust this device box and then would not be presented with a 2FA challenge for 30 days when logging in to NetSuite from this device.

After a user has marked a device as trusted, the user can modify that choice on the Manage Trusted Devices page.

For example, this user marked a device as trusted. That is, the user previously chose not to be asked for a two-factor authentication (2FA) verification code on this device.

The user can reverse that choice by selecting a Restore 2FA required... option. If the 2FA required is restored for a device, the user must use a 2FA authenticator app, phone, or a backup code to log in.

The Manage Trusted Devices page with the Restore 2FA on this device only option selected.

There is a link on the Settings portlet to access the Manage Trusted Devices page.

Manage Trusted Devices link in the Settings portlet.

Related Topics

Two-Factor Authentication (2FA)
Managing Two-Factor Authentication
Designate Two-Factor Authentication Roles
2FA in the NetSuite Application
Supported Countries: SMS and Voice Call

General Notices