All users have the ability to set up Two-Factor Authentication
What is Two-Factor Authentication?
Also known as 2FA, Two-Factor Authentication is an extra step to your login that adds an extra layer of protection to your account. Without 2FA, you only enter your username and password. With 2FA, an extra step has you enter an authentication code.
Why use Two-Factor Authentication?
Because Two-Factor Authentication requires two ways of proving your identity, it adds an additional level of security to your account.
How to set up Two-Factor Authentication (TFA)
-
Under My Account go to Two Factor Authentication. (1, 2, 3)
-
In order to set up 2FA, you will have to download an authenticator app to your phone or tablet. (There are multiple authenticator apps that you can download for free from the app store, including: Google Authenticator, Microsoft Authenticator, Authy, and more.)
-
Once you have downloaded the app of your choice, scan the QR code and follow the directions in the app. (4)
-
Back on the My Account page, enter the six digit code from your authenticator and confirm your password. (5, 6)
-
Click Enable. (7)
-
A new dialog will open with a list of Recovery Tokens. These codes are used to recover your account if you lose the device that has your authenticator on it. Each code can be used only once. Click Download Recovery Tokens or take a screenshot of the codes to store on your computer. You can also write them down and store them somewhere safe.
-
Click OK
-
Now, when you log into your account, a Two-Factor Authentication screen will open where you will be asked to enter the 6-digit code from your authenticator app.
How to turn on Two-Factor Authentication (TFA) for your entire team
The Team Administrator can choose the level of authentication required to access the Team Storms.
This setting can be found in the Settings tab of your Team's section in your My Account Page.
There are three options:
-
Optional: Individual users can decide if they want to use 2FA.
-
Required for users without SSO: This is only an option if your team has Single Sign-On (SSO) enabled.
-
Required for everyone: When someone tries to enter a Storm and they have not yet enabled 2FA, they will be prompted to enable 2FA.