2FA - Two Factor Authentication

Feature overview

• 2FA provided by usage of TOTP (Time-based one-time password)
• Widely available standard supported by Google Authenticator app or other similar applications
• 2FA can be enabled on environments without access to the Internet
• Site admins can enforce Organization wide 2FA policy among members
• Browser and IP is automatically saved for 30 days, so that there is no need provide TOTP at every login
• Built-in mechanism to handle brute force attacks

Setting up 2FA

1. Go to Account > Security tab. There you will see section called Extended Security
2. Click on "Set up two-factor authentication" button
3. You will see QR code and optional instruction how to add code manually

4. Enter the 6 digit TOTP code to verify and enable 2FA

Disabling 2FA by user

1. Go to Account > Security tab. There you will see section called Extended Security
2. Click on "Disable 2FA"
3. If 2FA policy is enabled on your Organization you will not have access to Projects or other features as long as you do not re-enable 2FA

Resetting 2FA by Organization admins

Changing user password resets 2FA. At the first login user whose password was changed by Organization Admin (user with role that has "Users Management" permission) will need enroll again for 2FA in Account Settings.