Two Factor Authentication (google authenticator)

Two Factor Authentication is where you need an additional bit of information like a one-time use code in addition to your username and password to login. It greatly enhances the security of your account. We have followed industry best practices and enabled 2fa just like all the big players on the internet.

What it Does

  • Secures your account by requiring the code once per 30 days (per browser)
  • Allows for recovery using offline recovery codes and/or SMS recovery code

What it Doesn't Do

  • Saves your passwords or other credentials

Tour


You can first opt-in yourself by visiting the "Profile/Password" page.



Then scroll down and enable it



You will be in a wizard, and it won't be turned on unless you successfully enter one code



Now open the Google Authenticator (or similar/compatible app) from your smart phone and scan the QR code to add the account to your smart phone



Great! Now it's enabled. Now you should download some one-time-use recovery codes and put them somewhere very safe. You cannot access your account with these if you lose access to that Authenticator Profile you just added



Now you should really also setup recovery SMS



Now you are really done setting yourself up. If you want, you can force everyone in your company to do this. WARNING: Once you enable it, they are immediately forced into this setup wizard so time it when everyone is ready to set it up or you might lock people out.



You can see which users have enabled it here too


Troubleshooting


If someone gets locked out, an admin on your account can "unlock" a user account, but without recovery codes or recovery SMS a user account cannot be unlocked. 


Feedback and Knowledge Base