Two-Factor Authentication (also known as 2FA) allows you to set up a second layer of authentication for your account so it stays safe, even if your password is compromised, by requiring you to enter a six-digit code that is generated at certain intervals on your smartphone.
Setting Up 2FA
To set up two-factor authentication for your account,
1. Click on the user icon on the top-right of your screen, and select
Settings in the opened menu
2. In the User Settings screen, enable the toggle button for Two-Factor Authentication. This will show a modal like the following.
Now that your authenticator is generating authentication codes, enter the current one into the field before it expires and click
Confirm. This should finish the process, notifying you that you have successfully set up two factor authentication for your account.
Enforcing 2FA Globally
As a global administrator, you can require all users to 2FA by switching
globally on for Two-Factor Authentication in
Management > Settings. Users who have not set up 2FA yet will be asked to set it up before they proceed on their next login.
What If Someone Loses Their Smartphone
In the unfortunate case that a user loses their phone, they can ask their instance's administration to disable 2FA for their account so they can log in and set it up again.
If everything seems set up right yet the server rejects authentication codes without any errors, we recommend checking the system time to see if it is correct. Keep in mind that timezones do not affect this but being a few seconds ahead or behind UTC can break 2FA validation.