Implementing 2FA protection for Kaseya logon VSA v6.5 - older (Legacy)

(Kaseya v6.3 or v6.5)

Step 1 – Download the Kaseya Logon Agent.

Step 2 - Edit sasURL, siteID, usersNotRequiring2FA, ipWhiteList,anduserWhiteListRequires2FA variables at the top of v2AuthAnvilincAuthAnvil.asp to match your network’s settings.



  1. The usersNotRequiring2FA variable is a comma separated list of usernames that needs to match the users’ Kaseya username.
  2. The ipWhiteList variable is a comma separated list of IP subnets in CIDR format. ie: This feature will only work if the computers are communicating with the Kaseya server via IPv4. It does not recognize IPv6 addresses.
  3. The userWhiteListRequires2FA variable allows you to toggle whitelist modes. If it is set to true, only users in the whitelist will be required to authenticate using two factor authentication. If it is set to false, all users except those in the whitelist will be required to authenticate using two factor authentication (the default behavior).

Step 3 – Copy the AuthAnvil directory from the v2 directory to the Kaseya WebPages directory, located by default at C:\Kaseya\WebPages\.

Note: When copying the Kaseya Logon Agent files into the Kaseya directory, ensure that the logon agent files are set to inherit NTFS permissions.

Step 4 – Navigate to your Kaseya logon page, and log in using your Kaseya username (which must match your AuthAnvil username), Kaseya password, and AuthAnvil passcode.



If you have any questions or need some help, we would be happy to assist. Open a case at or send an email to


Was this article helpful?
0 out of 0 found this helpful
Have more questions? Submit a request


Powered by Zendesk