Getting Started with DeskDirector
DeskDirector Portals
Browser Support
What is the DeskDirector Admin Portal?
What is the DeskDirector TECH Portal?
What is the DeskDirector Client Portal?
Desktop Portal
Managing Your Account
Pricing & Subscription Plans
Deskdirector - Sign up walk through
Managing your DeskDirector Subscription
Admin Essentials
Release Notes
Permissions & Feature Configuration (Tokity)
Permissions & Feature Configuration (ConnectWise/Autotask Partners)
Automatic Contact Creation
The Developer Corner
DeskDirector Features Overview
Desktop Portal Version Differences
Logging in to DeskDirector
User Profiles & Profile Pictures
Office Hours
Using Markdown
How Searching Works
Embedding Help Page Media
Get started with the DeskDirector Power Automate Connector
Features
Portal Customization
Service Catalogue
Forms
Getting started with DeskDirector Forms
DeskDirector Forms - Question Types in Detail
Dynamic Form Content
Communication
Actionable Messages for Emails
Real-Time Chats
Notifications
Email Notifications
Email Template Engine
Surveys
Broadcasts
Generative AI
DeskDirector with Generative AI
Setting up AI Service Providers
AI Assistants in DeskDirector
Custom Tools for AI Assistants
Knowledge Bases for AI Assistants
Ticket Summary for Tech Portal
Advanced
Login & Authentication
Contact & User Groups
Approvals
Task Lists
The Learning Center
Tags
Custom Domains
File Storage
Portal Deep Linking
Clean Tickets
Contacts
Accounts
Service Dashboard
Auditing and Analytics
Integrations
ConnectWise
ConnectWise Custom Menu Item for DeskDirector
ConnectWise
ConnectWise Quotes & Invoices
ConnectBooster
ConnectWise Sell
ConnectWise - Avoid Aggressive Notifications
AutoTask
Switching or Merging PSAs
QuoteWerks
Wise-Pay
TimeZest
BiggerBrains
OneNote Notebooks
Integrations - Frequently Asked Questions
IT Glue
Microsoft Teams App
Introducing the DeskDirector for Microsoft Team App
Installing the Microsoft Teams App (Client Mode)
Installing the Microsoft Teams App (Tech Mode)
Setting up Tags for Teams Discussions (Tech)
Branding the DeskDirector Teams App
DeskDirector Teams App Notifications
User Groups Integration with Microsoft Teams
Setting up Content Security Policy (CSP)
Advanced topic: Setting up Tech & Client Mode in the same tenancy
Integrating Microsoft Teams with DeskDirector Tech Portal
Smart Alerts for Tech Users
Microsoft Power Automate
Actions
Solutions
Power Automate Template Gallery
Featured Solution: Teams Ticket Discussion
Featured Solution: Ticket Briefing
Introduction to Power Automate
Power Automate Connector - Setting up your first flow
DeskDirector Power Platform Connector Reference
DeskDirector Connector Triggers
Troubleshooting
Troubleshooting via Web Developer Tools
Desktop Portal - Common Issues
Contact & Service Agent Impersonation
Diagnose Entities Tool
DeskDirector Desktop App - Installation Issues
Troubleshooting DeskDirector Connection Issues
Login & Authentication - Common Issues
Permissions & Access - Common Issues
Tickets & Chats - Common Issues
Approvals - Common Issues
Email & Email Delivery - Common Issues
PSA Entity Syncing - Common Issues
PSA Integration - Common Issues
ConnectWise Integration - Common Issues
Autotask Integration - Common Issues
ConnectWise Audit Trail - Exporting API Logs
Microsoft Teams App - Common Issues
Contact DeskDirector Support
Security
Glossary
Archived
- All Categories
- Archived
- Advanced Authentication. No password, Single Sign On, MFA and beyond?
Advanced Authentication. No password, Single Sign On, MFA and beyond?
Security is always a hot topic. DeskDirector has some great authentication solutions implemented - that are always improving!
Passwordless using one-use tokens sent to the mailbox
We have had passwordless logins for many years. It is our most popular method of authentication into the Portal.
This is where we send a one-time use token to the users mailbox. The user doesn't have to remember a password and access remains as secure as the users mailbox.
The concept of passwordless came out around 2010 or maybe even earlier. It is adopted by many applications, such as Slack, Microsoft, Medium, Twitter and WhatsApp. It is operated by sending SMS or email to given user which contains a short lived token used for login.
For more detail on passwordless, you can read Auth0 product page or Auth0 blog page.
For DeskDirector passwordless feature, we have default settings on the token and they are listed below:
- The token is numeric
- The token length is 6 chars
- Token expiry is 10 minutes
- Within this time, the token won't be removed on use
- The token is invalidated after 10 failed tries
In general, the configuration we have now is secure because it is nearly impossible to guess 6 digit numeric combination in 10 tries.
These Passwordless features are currently only configurable by our consulting team for Dynamic clients only. We will be bringing self service into the Admin Console in the near future for everybody.
Passwordless tokens can be activated on a company by company basis.
Read more about it here: Logging in with Passwordless
Single Sign on using Active Directory
If our Windows client is running in a Microsoft Active Directory Domain, we can silently log the user using the Domain credentials. This is the most streamlined way to authenticate a login.
Read more about it here: Logging in with Active Directory
2FA and MFA
The reason we call that as 2FA is similar to OAuth. As long as your email provider provide 2FA then passwordless is 2FA. Since you need access to email before you can login, thus, 2FA is checked during user access to their email account.
DeskDirector has held off implementing an SMS variation while we see how the debate on SMS security as a 2FA option plays out. There are ways to compromise an SMS token and we are reviewing this regularly.
On a purely practical data level, we find that almost every contact has an email address but many don't have a mobile number. Lastly, mobile numbers are also entered in many variations and formats.
Office 365 login
This is the solution of the future for customers that need more. If you want industry-strength Multi-Factor Authentication and/or conditional (i.e. times/places) authentication, Office 365 Auth is for you. Office 365 accounts are AzureAD accounts and AzureAD delivers all these capabilities exceptionally well. There's a whole universe of security options available.
The best security implementation is clean and simple. With Office 365, we get Microsoft's AzureAD to do all the hard security work. When the user tries to login to us, we send them to Microsoft to get an authentication sorted out. Microsoft then reports either the login is successful or not. This is the future for all authentication.
Read more about it here: Enabling OAuth (Microsoft Login) for DeskDirector Portal
Other DeskDirector authentication options
If you want to go back to the 1960s and use passwords to login instead of all these advanced authentication methods that we implemented - we still got you covered. Read more about it here: Setting/Resetting a Contact's Password
You can also login to DeskDirector using a URL. Read more about it here: Global Magic Token: Logging in via URL
