Google Authenticator Enrollment

Discover how Pleasant Password Server will enhance KeePass for business

(Versions 7+)

Users can be enrolled into the Two Factor Authentication by their Administrator, and can use an Authenticator app to enter 6-digit codes. Users can be enrolled in bulk or allowed to Self-Enroll.

Supported Authenticator Apps: 

  • Google Authenticator, Microsoft Authenticator, Authy, DUO mobile, etc.
  • See Supported Providers for more...

Admin Configuration

Admins can choose to allow user's to Self-Enroll and even to generate their own secrets, or they can enroll a user individually.

For manual user enrollment, navigate to:

  • Users and Roles > click a User > click Edit > click Configure for Google Authenticator -> Choose Enable and Set the Secret
  • This QR code or the configuration code must then be distributed (eg. by email or another other means) to the user.

User Configuration

If Self-Enrollment is enabled, users can easily follow the configure the steps below to Self-Enroll and perhaps generate their own code

  • Click here to learn how to enable Self-Enrollment
  • Users will be prompted after login with a password, only if 2FA is required
  • Otherwise, users can also navigate to the User profile (found in the top right-hand corner)
    • Click Manage Account
    • Click Configure 

Google Authenticator Enrollment


  1. Download and install the Authenticator app from your mobile device's app store
  2. Set up a new account and either:
    • Scan this QR code image with the Authenticator App,
    • Or enter the following code:
  3. (optionally) Safeguard this secret in a secure location:
    • Save a picture of this QR code or the numerical code
    • This could be used in the future to transfer to another device
  4. Verify the configuration by entering the code that the Authenticator app provides
  5. Press the Verify button before the code expires
    • A new code will display every 30 seconds
  6. Be aware: that the device time needs to remain accurate
    • Allow the device to remain in-sync with Network Time Protocol (NTP)
    • This authentication algorithm relies on accurate time to function correctly