Two Factor Authentication

Two Factor Authentication, also known as 2FA or TFA, is a two-step verification process that requires more information in addition to the usual username and password. This extra piece of information is something only the user will know or have physically with them, like a token sent to a mobile app, for example. It is very important to create backup codes the moment you enable 2FA on your account in case your phone is lost and cannot access the 2FA code.

How to Enable TFA to protect your account

1.Download and install the "Google Authenticator" APP on your mobile phone. . Google Authenticator will generate OTP (One-time passcode) for your account on EnGenius Cloud by following below steps. Please be reminded that if you have multiple accounts, then you need to generate corresponding entries to each account in Google Authenticator.

2. Select Two Factor Authentication from the top-right menu.

3. Open your chosen authenticator app on your smartphone. Since the following is using Google Authenticator as an example, the steps might vary slightly. Open the Google Authenticator app on your phone, tap Menu, then tap Begin Setup > Scan barcode. If you already have other accounts, you would click the plus sign (+) on the upper right and then Scan barcode.

4. Your phone will now be in the "scanning" mode. Go ahead and scan the QR code that appeared in the popup.

5. Enter the 6-digit authentication token provided by Google Authenticator into the popup, then click Activate .

Recovery codes

It is extremely important to back up a set of Recovery codes the moment two-factor authentication is enabled. These codes will allow you to unlock your account to disable TFA if you somehow lose access to your authenticator app (if say you lost your mobile).

You can access Recovery code after you enabled 2FA. You will be given a list of 10 backup codes, copy them somewhere safe. If there's a possibility someone has gained access to your codes, generate new ones to make those compromised ones obsolete.

How to Deactivate TFA

  1. Select Two Factor Authentication from the top-right menu.

  2. Click Deactivate

How to Access a Locked Out Account

If you are locked out of your account because you changed mobiles, deleted the authenticator app by mistake or lost your phone, you can get access to your account once more with the below method.

Login Cloud using recovery codes

  1. Go to enter your username and password as usual, and prompted for the screen for you to enter code.

2. Now just paste one of the backup codes you previously saved and click Verify.

3. Follow the How to Deactivate 2FA and How to Enable 2FA to protect your account procedure again. Remember to click Download code to save a new set of backup codes.

Other possible issues and solutions are discussed in this Google 2-Step Verification Help article.

TFA Enforcement to your Organization

This feature helps the Organization administrator to enforce all Cloud users to have more secure to access the organization. If you enable TFA Enforcement , your team members are required to have two-factor authentication (TFA) enabled when access this organization. If team members don't activate 2FA, they are not allowed to access this organization . You can access this feature by clicking Organization > Security .

If the user manages multiple Organizations and does not enable TFA, he is still able to log in to Cloud. However, he cannot access the Org with TFA enforcement enabled as a requirement.

Last updated