Add Authenticator as a second factor

    Available since 1.26.0

    Add a Two Factor Method - Authenticator

    The Authenticator method is enabled by default on every tenant. To toggle please navigate to Tenants → Edit Tenant → Multi-Factor. The authenticator method is also referred to as Google Authenticator or Time-Based One-Time Password (TOTP).

    Enable MFA method on Tenant (Admin Facing)

    The authenticator factor is enabled by default at the tenant level. It can be toggled on and off as needed.

    Toggle Authenticator On Tenant

    Enable Authenticator Factor from Account Management (User Facing)

    Account Management Index

    1. Navigate back to your account page.

    2. Click Manage two-factor

    3. Click Add two-factor

    4. There will be an option for an Authenticator app.

    Add Factors Authenticator Add Account

    Next,

    1. Scan the QR code with your favorite authenticator application such as Google Authenticator or Authy.

    2. Enter the code given.

    3. Click the Enable button.

    Recovery Codes (User Facing)

    Now you will be presented with recovery codes. Save these in a safe space.

    Recovery Codes

    Success!

    Upon the next login, you will be prompted for a code displayed by the Authenticator App in addition to your password.

    See It in Action (User Facing)

    With the Authenticator method enabled, if you log out and log back in you will be presented with the following screen in addition to the typical login screen.

    Challenge Account Management

    Feedback

    How helpful was this page?

    See a problem?

    File an issue in our docs repo

    Have a question or comment to share?

    Visit the FusionAuth community forum.