Two-Step Verification¶

Two-step verification adds an extra one-time code from email, Telegram, or an authenticator app, significantly increasing your account’s security. This article explains how to enable the feature and set up your preferred verification method.

What is two-step verification?¶

In short, it’s an authentication process that takes place in two stages:

1. Signing in with the username and password of your account
2. Entering an additional one-time verification code received via a separate communication channel

This method significantly reduces the risk of unauthorized access, even if an attacker learns your username and password.

You can enable the second verification step on the Security page in the Account section:

After enabling it, when you sign in to your account, the system will ask for a verification code after you enter your username and password. You won’t be able to proceed until you enter the correct code:

The verification code is valid only for a few minutes. If it expires, you must request a new one. This helps prevent brute-force attempts and protects the code from being compromised.

Receiving a Verification Code¶

You can receive a one-time verification code through several channels. Only one channel can be active at a time.

When activating or deactivating a channel, you must confirm ownership of that channel by entering a one-time verification code. This ensures that no one but you can change this setting.

Email¶

If you choose this method, you will receive verification codes at the email address you use as your login for the system.

Telegram¶

If you choose this method, you will receive verification codes in the Telegram messenger from our bot.

Authenticator App¶

If you choose this method, you will not receive the verification code via email or messenger. Instead, you will take it from a dedicated authenticator app such as Google Authenticator , Microsoft Authenticator , and others.

These apps are usually installed on the user’s mobile phone so that the codes are always easily accessible.

To use this method, you need to link the app to your account:

Technician Accounts¶

Enforced Use¶

For additional technician accounts in your team, you can enforce the use of two-factor authentication.
To do this, go to the Settings page and enable the Forced two-factor authentication checkbox in the Security block under the Team section.

If a technician does not activate two-factor authentication, they will not be allowed to access their dashboard or make connections. Instead, they will see a message requiring activation:

To reduce the risk of a technician losing their recovery token for the authenticator app, you can disable issuing recovery tokens by enabling the checkbox Do not offer employees to download the 2FA recovery key.

Loss of Access to a Verification Channel¶

If an employee loses access to their verification channel, you can reset two-factor authentication for them so they can configure it again. This can be done from the technician’s profile.

Activation Monitoring¶

You can see which team accounts have activated two-factor authentication in the main list of technicians in the Team section under the 2FA column:

Logging¶

You can track actions related to two-factor authentication for all team accounts in the Audit Logs.

The following events are available for analysis:

Trusted Session Lifetime¶

After confirming your session with a verification code, access to your dashboard becomes trusted and will no longer request a verification code for the lifetime of the browser or desktop app session.

Loss of Verification Channel for the Primary Account¶

To restore access to your account, please contact technical support .