Sophos Central


In order to improve security when accessing a restricted console such as Sophos Central, Administrators should use Multi-Factor Authentication. Multi-Factor authentication adds an extra layer around the traditional username and password login, thus preventing unwanted access by threat actors to your Sophos Central console. With Acceptto Multi-Factor Authentication adding that extra layer is simples and cost-effective.

This guide will walkthrough the following steps:

  1. Configure the Administrator user(s) to use Multi-Factor Authentication.
  2. Scan a QR code generated by Sophos with the Acceptto Mobile Application.
  3. Login to Sophos Central using Multi-Factor Authentication.

Initial Steps

Make sure you or user/s have the Acceptto It'sMeTM Mobile App downloaded from the Google Play or App Store. Then sign up for a new account.

Configure MFA Plugin

Step 1 - Configure MFA by first navigating to the Sophos Central admin webpage and select Global Settings on the lefthand side.

Select Multi-Factor Authentication(MFA) from the list on the right.

Select the Administrator(s) accounts that are going to use Multi-Factor Authentication.

Step 2 - Set up Time-based One-Time Password(TOTP)

Select the Authentication type Sophos/Google Authenticator

Step 3 - Ready to use TOTP

  • Select the Authentication type Sophos/Google Authenticator.

  • Scan the QR code.

  • Enter the security code.

Setup Complete

After the process is completed, all logins will require username, password and an OTP code.


If you require assistance, please email us at