Two-factor authentication

Two-factor authentication (2FA) is mandatory for all users, using a TOTP (time-based one-time password).

Update 2FA access

You set up 2FA during registration, but any user can update their preferred method for receiving 2FA verification codes.

Note

If you update your 2FA, you will be logged out and will be required to reconfigure 2FA for the next sign in.

To update your 2FA method

1. Click your username in the upper-right corner to display the menu and choose Account Settings.

2. Click Update 2-FA.

3. Enter your current password and click Confirm.

4. Enter your TOTP to confirm your existing 2FA and click Verify.

5. Click Confirm.

   Investigator logs you out.

6. Enter your login email and password and click Sign In.

7. Open an authenticator app (such as Google Authenticator) on your phone and add a new account.

8. Scan the QR code that Investigator displays to connect your app to Investigator.

9. Enter the TOTP from your app in Investigator.

10. Click Verify OTP to log into Investigator.

    Your 2FA is updated.

11. Click Login to sign in to Investigator with your email, password, and new 2FA method.

Recover 2FA access

If you cannot log in to Investigator due to an 2FA issue (for example, if you lose access to the registered authentication app, lose your device, or if there was an error configuring 2FA during registration), you can work with an admin user to recover 2FA access. An admin can reset 2FA access by deactivating and then reactivating your user account.

To recover user access

1. As an admin user, go to System Settings | Users & Access.

   System Settings are available through the left navigation.

2. Select the user with the access issue and click the Edit () icon.

3. Change their status from Active to Inactive and click Save.

4. Select the user again and click the Edit () icon.

5. Change the status from Inactive to Active and click Save.

When reactivated, the system sends an email to the user with password and 2FA reset instructions.