This guide provides instructions both for individual users who wish to enable 2FA on their own accounts and for Corporate Management Admins who need to enforce this security measure across their entire organization. By following these steps, you can add a critical layer of verification to the login process, ensuring that only authorized users can access sensitive information.
Prerequisites
Before you begin, please ensure you have the following:
For all users:
An active user account and your login credentials.
A smartphone or other device with a Time-based One-Time Password (TOTP) authenticator app installed (e.g., Google Authenticator, Microsoft Authenticator, Authy).
For administrators enforcing 2FA:
Corporate Management Administrator permissions for the relevant space.
Enabling 2FA on Your User Account
Any user can add an extra layer of security to their account by enabling 2FA. This process links your account to an authenticator app on your smartphone, which will generate a unique code required for login.
Navigate to your user profile by clicking on your avatar or name and selecting Profile Settings.
Locate the Two-Factor Authentication section and click the Enable button.
A setup window will appear. Open your authenticator app on your smartphone and scan the QR code.
If you cannot scan the code, use the manual setup key provided.
Once your authenticator app is configured, it will display a 6-digit code. Enter this code into the Verification Code field on the setup screen and click Verify.
After successful verification, you will be presented with a list of one-time Recovery Codes.
Confirm you have saved the codes, and click Complete Setup. 2FA is now active on your account.
IMPORTANT: Copy these recovery codes and save them in a secure location, such as a password manager. These codes are the only way to access your account if you lose your 2FA device.
How to Disable 2FA
Return to the Two-Factor Authentication section in your Profile Settings.
Click the Disable button.
You will be prompted to enter your credentials to confirm this action.
Enforcing 2FA for Your Corporate Space
Corporate Management Admins can enhance security across their entire organization by mandating Two-Factor Authentication for all users in a managed space. This ensures a consistent security standard for all members.
How to Mandate 2FA
As a Corporate Management Admin, navigate to the main dashboard of your corporate space.
Select the Policy tab.
Locate the policy named Enforce 2FA and switch the toggle to ON.
(Optional) You can set a Grace Period in days. During this period, users will be prompted to set up 2FA but can bypass it temporarily. If the 'No grace period' button is selected, 2FA enrolment will become mandatory immediately.
Click confirm to apply the new policy.
What Happens When 2FA is Enforced?
Once the policy is active, the system changes the login experience for users who have not yet enabled 2FA:
For Existing Users:
If a grace period is active, users will be prompted to set up 2FA after logging in but can choose to "Remind me later" and continue.
Once the grace period expires (or if none was set), users will be blocked from accessing any content. They will be redirected to a mandatory 2FA setup page and cannot proceed until they have secured their account.
For New Users: new users invited to the space must complete the 2FA setup as a required step during their initial account activation.
Admin View: From the corporate management dashboard, you can track which users have successfully enabled 2FA.
How to Disable 2FA Enforcement
To remove the 2FA requirement, simply return to the Policy tab and switch the Enforce 2FA toggle to OFF.
Note: Disabling enforcement does not deactivate 2FA for users who have already enabled it. It only removes the mandatory requirement for those who have not.
Logging In with 2FA and Using Recovery Codes
Once 2FA is active on your account, your login process will include one extra verification step to ensure your account remains secure.
Standard Login with an Authenticator App
On the login page, enter your email and password as usual and click Log In.
You will be directed to a new screen prompting you for a verification code.
Open the authenticator app on your smartphone or device.
Type the current 6-digit code from the app into the Verification Code field and click Verify. You will then be logged in.
Using a Recovery Code
If you do not have access to your authenticator device (e.g., your phone is lost or unavailable), you can use one of the single-use recovery codes you saved during setup.
On the 2FA verification screen, find and click the link that says Use a recovery code.
Enter one of your unused recovery codes into the field and click Verify.
You will be granted access. Remember, each recovery code can only be used once.
IMPORTANT: If you use a recovery code because your primary device is no longer accessible, we strongly recommend you navigate to your Profile Settings, disable your current 2FA configuration, and then immediately re-enable it. This will generate a new QR code and a fresh set of recovery codes, ensuring your account remains secure.
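How a server can check the 6-digit authenticator code and the single-use recovery codes described above, as an added Python example (not this product's code). It assumes the RFC 6238 defaults (HMAC-SHA1, 30-second step, 6 digits), a one-step clock-drift allowance, and recovery codes stored as SHA-256 hashes; the function names and sample values are constructed for illustration.

```python
import base64, hashlib, hmac, struct, time

# Assumed parameters (RFC 6238 defaults used by common authenticator apps);
# the product's actual settings are not stated on this page.
STEP, DIGITS = 30, 6

def totp(setup_key_b32, at=None):
    """6-digit code for a Base32 manual setup key at Unix time `at`."""
    s = setup_key_b32.replace(" ", "").upper()
    key = base64.b32decode(s + "=" * (-len(s) % 8))  # restore stripped padding
    counter = int(time.time() if at is None else at) // STEP
    mac = hmac.new(key, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F  # dynamic truncation (RFC 4226)
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** DIGITS).zfill(DIGITS)

def verify_totp(setup_key_b32, submitted, at=None, skew_steps=1):
    """Accept the current code and one step either side for clock drift."""
    now = time.time() if at is None else at
    ok = False
    for drift in range(-skew_steps, skew_steps + 1):
        candidate = totp(setup_key_b32, now + drift * STEP)
        # Constant-time comparison; check every window to avoid early exit.
        ok |= hmac.compare_digest(candidate.encode(), submitted.encode())
    return ok

def hash_code(code):
    """Recovery codes are stored hashed, never in plain text (assumption)."""
    return hashlib.sha256(code.encode()).hexdigest()

def redeem_recovery_code(stored_hashes, submitted):
    """Consume a recovery code: valid once, then removed from the store."""
    digest = hash_code(submitted.strip())
    for stored in list(stored_hashes):
        if hmac.compare_digest(stored, digest):
            stored_hashes.remove(stored)
            return True
    return False

# Constructed sample data: the RFC 6238 test secret and made-up recovery codes.
SAMPLE_KEY = "GEZDGNBVGY3TQOJQGEZDGNBVGY3TQOJQ"
SAMPLE_STORE = {hash_code(c) for c in ("k7m2-q9xd", "p4vw-8hnz")}

if __name__ == "__main__":
    print(totp(SAMPLE_KEY, at=59))                         # code for one time step
    print(redeem_recovery_code(SAMPLE_STORE, "k7m2-q9xd"))  # first use
    print(redeem_recovery_code(SAMPLE_STORE, "k7m2-q9xd"))  # reuse is rejected
```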