set use-2-factor
To enable and disable two-factor authentication for the authentication realm, use the set use-2-factor command.
Two-factor authentication applies only to RADIUS and TACACS+ realms.
Note
set use-2-factor {no|yes}
Syntax Description
Disables two-factor authentication for the realm.no
Enables two-factor authentication for the realm.yes
Command Modes
Default authentication mode
Command History
ModificationRelease
Command added.1.1(1)
Usage Guidelines
If you set two-factor authentication for a RADIUS or TACACS+ realm, consider increasing the session-refresh
and session-timeout periods so that remote users do not have to re-authenticate too frequently.
Example
This example shows how to enter default authentication mode and enable two-factor authentication:
FP9300-A# scope security
FP9300-A /security # scope default-auth
FP9300-A /security/default-auth # set use-2-factor yes
FP9300-A /security/default-auth* # commit-buffer
FP9300-A /security/default-auth #
Related Commands
DescriptionCommand
Specifies the default authentication service.set authentication
The set absolute-session-timeout, set con-absolute-session-timeout, set
con-session-timeout, and set session-timeout commands are used to set various
timeout values.
set timeout values
Cisco Firepower 4100/9300 FXOS Command Reference
228
S Commands
set use-2-factor