Two-factor authentication
With two-factor authentication, users are required to enter a verification code in addition to their basic credentials (username and password) when logging in to FA. If the user enters correct credentials and verification code, they are allowed to access the system with the role(s) and permissions defined for the user.
To access FA with two-factor authentication, the user needs an authenticator app installed on their mobile device. The app generates a time-based one-time password – a verification code to enter after entering the user credentials. There are various authenticator apps available in mobile app stores.
To check a user's two-factor authentication status, click on the user in the User management view to open the User details pane. The following statuses are possible:
Disabled – Two-factor authentication is turned off.
Enabled – Two-factor authentication is turned on. The user has logged in and completed the mobile authenticator setup.
Pending – Two-factor authentication is turned on. You chose “Enable two-factor authentication on next login”, but the user didn’t log in yet to complete the setup.
