Multi-User Authentication (MUA)
    • 26 Jun 2024
    • 3 Minutes to read
    • PDF

    Multi-User Authentication (MUA)

    • PDF

    Article summary

    Setting Up MUA for Account or Bucket Deletion

    With this feature, security contacts are responsible for ensuring the security of an organization's information systems and data. For example, if there is an attempt to delete a Root account and a security contact denies the deletion, the Root account user will receive an alert.

    As a Root user, you can add up to three security contacts who will be required to sign off on account activities that you specify. There is no limit to the number of activities that these contacts can oversee.

    Multi-Factor Authentication (MFA) must be enabled before you can add a security contact.

    The Security Contacts feature is available for a Root user only.

    Adding a Security Contact

    1. Click Settings on the Wasabi menu. Or, open the account sign-in drop-down and click Settings.
    2. Open the Security Settings drop-down.
    3. Select Multi-User Authentication.

    4. Click Add Security Contact.

      If MFA is not enabled, a message will remind you to do so. Refer to Multi-Factor Authentication (MFA) Device.

    5. Enter the email of the security contact. Note that the domain must match your Root account domain.

    6. Click in the Activities area to open the drop-down.

    7. Select the activity(ies) for this contact: Delete Account and Delete Bucket. If a user tries to delete the account or a bucket, the contact will receive an email and must approve or deny the deletion.

      If you select the Delete Bucket activity, the message below will be displayed when a user attempts to delete the bucket, and the user will be asked to confirm the deletion.

      Then, the Delete action that is normally available for the bucket (in the Buckets list) will change from Delete to Awaiting Deletion Approval. For example:

      An email will be sent to both the security contact and Root user during the bucket deletion process.

    8. After selecting the activity(ies), click Continue.

    9. Enter an authentication code from your MFA device.

    10. Click Send. The contact is displayed with the activity you defined. For example:

      Wasabi Support will email an invitation to the contact, and the person can accept or decline your request. An example of this email is:

      The invitation email sent to a contact is valid for 24 hours.

      After the recipient clicks Continue, an invitation is displayed:

      The recipient needs to click Accept Invite to become a security contact.

    11. You can repeat this procedure, starting with Step 4, if you want to add up to three security contacts.
    When a security contact receives a request to delete an account or bucket, the contact has 15 minutes to respond. This request expires after 15 minutes.

    Resending an Invitation

    You may want to resend the invitation to a potential security contact if the person has not responded.

    1. Clickactions-ellipsisto open the Action menu to the right of the contact information.

    2. Select Resend.
    3. When asked to confirm, click Resend.

    Canceling an Invitation

    You can cancel an invitation before the potential security contact responds.

    1. Clickactions-ellipsisto open the Action menu to the right of the contact information.

    2. Select Cancel.
    3. When asked to confirm, enter an authentication code from your MFA device.

    4. Click Cancel Invitation.

    Changing the Activities for a Security Contact

    You can remove a person as a security contact after the person has accepted the invitation.

    1. Clickactions-ellipsisto open the Action menu to the right of the contact information.

    2. Select Edit Activities.
    3. Click in the Activities area to add or remove an activity. At least one activity is required.

    4. Click Continue.

    Removing a Security Contact

    You can remove a person as a security contact after the person has accepted the invitation.

    1. Clickactions-ellipsisto open the Action menu to the right of the contact information.

    2. Select Remove.
    3. When asked to confirm, enter an authentication code from your MFA device.

    4. Click Remove.

    Removal is subject to approval from the security contact, who will receive an email requesting confirmation of the removal. The security contact is required to accept the request before removal takes place.

    After the recipient clicks Continue, an invitation is displayed:

    The recipient needs to click Accept Contact Removal to confirm.



    ESC

    Eddy AI, facilitating knowledge discovery through conversational intelligence