MDaemon version 16 onwards supports Two Factor Authentication meaning a user needs to enter a verification code before they can log into Webmail or Remote Administration.  This article utilises the Google Authenticator application.

Google Authenticator is available for both Android or iOS devices:

Google Authenticator for Android
Google Authenticator for iOS

HTTPS must be enabled for Webmail users to enable two factor authentication.

1. Log in to Webmail via HTTPS
2. Select Options
3. Select Security
4. Enter the current account password:

5. Select Setup Two Factor Authentication

6. Open the Google Authenticator App.
7. Scan the QR Code displayed in Webmail to setup the account on the device. Alternatively, click Show Secret to generate a code to enter into the Google Authenticator App.
8. Once the account has been added in Google Authenticator, enter the 6 digit verification code displayed on the app.
9. Click Verify Pairing to finish the process.

The next time the account logs into Webmail or Remote Administration via HTTPS, the password and a code generated by the Google Authenticator app will be required to login.