Two-factor authentication for OWA - OWA 2FA - is an additional layer of security which requires users to respond to a second authentication challenge when logging into OWA.

Note: OWA 2FA is now available for all shared Exchange 2013/16 domains.

Enabling OWA 2FA

To enable 2FA on your Exchange domain log into your HostPilot and navigate to Account > Security Policies > Two-factor authentication (2FA), check the checkbox Activate 2FA for users and click on Save changes. You may also select to Enable 2FA for new users by default.

Security Policies

Using OWA 2FA

If OWA 2FA is enabled for your users, they still will be able to log in to OWA using the Unified Login Page.

  1. Have the user navigate to the URL provided above, enter their username and password and click Login
  2. On the first login, the user will be asked to choose a 2FA method and enter your phone number:
    • DoubleSafe app: Push notification - uses the DoubleSafe mobile app. The app is available for iOS and Android platforms. After its installation and setup, on every login, a push notification is sent to the mobile device. User will need to allow access from their mobile device
    • SMS text message - the code is sent to the specified number as a text message
    • Voice call - the code is provided via a voice call to the specified number
    • DoubleSafe: One-time passcode - uses the DoubleSafe mobile app. On every login, a one-time passcode is generated on the mobile device

2FA methods

       3. The selected method can be changed on the next login

Once the user passes the second authentication step, they will be redirected to OWA.

Important: if the AppID service is enabled for you, we recommend not to use a browser with the AppID extension to log in to OWA with 2FA.

2FA Reset Option

There are two ways to reset the 2FA settings for the user depending on how 2FA was enabled on the back-end.

  1. The first option is by logging in the HostPilot. In HostPilot please navigate to Users and click on the user you would like to reset 2FA for. Under User Info click on Edit 2FA settings.
  2. edit2fa
  3. You will be presented with current settings and options to disable 2FA, change authentication type, or phone number. To reset 2FA settings, click Reset 2FA settings.
    edit2fa1

If there is no Edit 2FA settings button under the User Info tab, the only option to Reset 2FA is to contact support. In such cases, please reach our Support department to reset 2FA.