How to Set Up Two-Factor Authentication (2FA) on Login?

When an administrator has enabled 2FA for your system, you need to set up an authenticator app on your first login. This takes a few minutes and adds an extra layer of security to your account.

When It Will Be Useful

• You are logging in for the first time after the administrator enabled 2FA.
• The system shows a QR code and requests 2FA setup.
• You need to restore access after an administrator reset your 2FA.

What's Important to Know

• 2FA (Two-Factor Authentication) is an extra layer of security that requires entering a one-time code from a mobile app after entering your login and password.
• The one-time code updates every 30 seconds.
• The code is valid for 10 seconds after generation (there is a small time buffer).
• If you lost access to your authenticator app, contact your administrator to reset 2FA.

Before You Start

• You have a mobile phone with access to App Store or Google Play.
• You know your login (email or phone) and password for system access.
• You are ready to install an authenticator app on your phone.

Key Terms

• Authenticator app — a mobile app that generates one-time codes for login. Most popular: Google Authenticator, Authy, Microsoft Authenticator.
• QR code — a square code on the screen that contains information for setting up 2FA. You scan it with your authenticator app.
• One-time code — a six-digit code that appears in the authenticator app and updates every 30 seconds.

Step-by-Step Instructions

Step 1. Install Authenticator App

Install one of the authenticator apps on your mobile phone:

App Options:

• Google Authenticator (iOS/Android) — most popular option
• Authy (iOS/Android) — with backup capability
• Microsoft Authenticator (iOS/Android) — from Microsoft
• Any other TOTP-compatible app

How to Install:

1. Open App Store (iOS) or Google Play (Android).
2. Find the app by name (for example, "Google Authenticator").
3. Tap "Install" and wait for installation to complete.

Expected Result: The app is installed on your phone and ready to use.

Step 2. Log In to the System

1. Open the system login page.
2. Enter your email or phone and password.
3. Click the login button.

Expected Result: After successfully entering login and password, a modal window opens with a QR code and a field for entering the code.

Step 3. Scan the QR Code

1. Open the authenticator app on your phone.
2. Tap the button to add a new account (usually "+" or "Add account").
3. Select the "Scan QR code" option.
4. Point your phone's camera at the QR code on the computer screen.
5. Wait for the app to recognize the QR code and add the account.

Expected Result: A new entry appears in the app with your project name and starts displaying a one-time code that updates every 30 seconds.

⚠️ If QR Code Doesn't Scan: Make sure your phone's camera has access to the app. You can also enter the secret key manually (if it's shown below the QR code).

Step 4. Enter the One-Time Code

1. Look at the one-time code in the authenticator app on your phone.
2. Enter this code into the field on the computer screen.
3. Click the login or confirm button.

Expected Result: After entering the correct code, login succeeds and you are taken to the main page.

⚠️ If Code Is Not Accepted: Check that you entered the code correctly and that the time on your phone is synchronized. Try waiting for the next code (it updates every 30 seconds).

How to Log In After Setting Up 2FA

On each subsequent login:

1. Enter email/phone and password on the login page.
2. The system opens a modal window with a field for entering the code (QR code is not shown).
3. Open the authenticator app on your phone.
4. Enter the current one-time code from the app into the field on the screen.
5. Click the login button.

💡 Tip: Keep the authenticator app on your phone's home screen for quick access to the code.

If You Lost Access to the App

If you lost your phone, deleted the app, or cannot access the one-time code:

1. Contact your system administrator.
2. Ask them to reset 2FA for your account through Settings → Users → edit your user → "Reset 2FA to user" button.
3. After resetting, you will be able to set up 2FA again on your next login.

⚠️ Important: An administrator can reset 2FA only if they have permission to edit users and if 2FA is enabled for the system. After resetting, you will need to set up 2FA again on your next login.

Common Issues and Solutions

Issue: Code Is Not Accepted

Possible Causes:

• Time difference between phone and server.
• Incorrectly entered code.

Solution:

1. Check that the time on your phone is synchronized (enable automatic time synchronization).
2. Make sure you entered the code correctly (6 digits).
3. Wait for the next code (it updates every 30 seconds) and try again.

Issue: QR Code Doesn't Scan

Possible Causes:

• Phone camera doesn't have access to the app.
• QR code is unclear or too small.

Solution:

1. Check the authenticator app's camera permissions in settings.
2. Bring your phone closer to the screen or enlarge the QR code on the screen.
3. If there is a secret key below the QR code, enter it manually in the app.

Issue: App Doesn't Generate Code

Possible Causes:

• App is not configured correctly.
• Phone time is not synchronized.

Solution:

1. Check that the time on your phone is set correctly (enable automatic synchronization).
2. Make sure you scanned the QR code correctly.
3. Try deleting the account from the app and adding it again.

Related Materials

• How to Enable 2FA for the System (for administrators)
• How to Reset Password Through "Forgot Password?"
• Authentication Scenarios Hub