Two Factor Authentication FAQ
What is a Second Factor?¶
Two Factor Authentication is a method of confirming a user's identity by requiring the user to present two pieces of evidence ("factors") to an authentication mechanism. In our system, the first factor is a password (something the user knows), while the second factor is a token generated by software on the user's mobile device (something the user possesses).
What do I need in order to obtain a second factor token?¶
In order to obtain a second factor token, you will need a mobile device. On that mobile device, you will then need to install Google Authenticator (or another QR code reader application that implements the Time-based One Time Password algorithm) on your mobile device. See also Setting Up Two-Factor Authentication.
Can I use an SSH key pair as an alternative second factor?¶
We do not support SSH keys as a second factor and we have no plans to implement SSH key-based authentication. Only time-based codes are currently valid.
How do I transfer my old second factor onto my new device?¶
Authy¶
It should get synchronised automatically.
Google Authenticator¶
Open Authenticator on both devices. On the original device tap the three-dot menu icon followed by Transfer accounts, then Export accounts, select the accounts you want to keep and then press Next. If these options are not present then first update your Authenticator. On the new device press Import existing accounts then scan the QR code provided on the old device.
How do I get a new Second Factor?¶
See article here.
Can I use the same Second Factor again?¶
No. You can only use each Second Factor code once and must then wait for a new Second Factor to cycle. Attempting to use the same Second Factor will cause your Authentication to fail.