Add Authenticator as a second factor

FusionAuth Reactor logo

This feature is only available in paid plans. Please visit our pricing page to learn more.

Available since 1.26.0

Add a Two Factor Method - Authenticator

The Authenticator method is enabled by default on every tenant. To toggle please navigate to Tenants -> Edit Tenant -> Multi-Factor. The authenticator method is also referred to as Google Authenticator or Time-Based One-Time Password (TOTP).

Enable MFA method on Tenant (Admin Facing)

The authenticator factor is enabled by default at the tenant level. It can be toggled on and off as needed.

Toggle Authenticator On Tenant

Enable Authenticator Factor from Account Management (User Facing)

Account Management Index
  1. Navigate back to your account page.
  2. Click Manage two-factor
  3. Click Add two-factor
  4. There will be an option for an Authenticator app.
Add Factors Authenticator Add Account

Next,

  1. Scan the QR code with your favorite authenticator application such as Google Authenticator or Authy.
  2. Enter the code given.
  3. Click the Enable button.

Recovery Codes (User Facing)

Now you will be presented with recovery codes. Save these in a safe space.

Recovery Codes

Success!

Upon the next login, you will be prompted for a code displayed by the Authenticator App in addition to your password.

See It in Action (User Facing)

With the Authenticator method enabled, if you log out and log back in you will be presented with the following screen in addition to the typical login screen.

Challenge Account Management