Two-factor authentication (2FA)
Introduction
Two-factor authentication (2FA) is a subset of multifactor authentication (MFA). It typically uses a one-time time-based passcode (TOTP) to add an extra layer of security to the user’s account.
How it works - technical
Generally, 2FA works as follows:
A secure string of letters and numbers (known as a secret key) is generated.
This string is shared with an authenticator app on the user’s mobile device - usually by scanning a QR code.
The authenticator app uses the secret key, along with the current date/time to generate a code. These codes expire after a short period of time and a new one is generated.
When authenticating with an application, the user is prompted to retrieve the current code from their authenticator app and input it into the application. If the code matches what the application has generated, the user is authenticated.
How it works - user journey
When 2FA is enabled for your Patchworks account, you will log into the dashboard as normal with your username and password. Having entered your credentials, you are prompted to enter an authentication code, which you obtain from your authenticator app:
Need to know
To enable 2FA for your Patchworks login, you will need an authenticator app - for example (but not limited to Google Authenticator, Microsoft Authenticator, Duo, Authy).
Enabling 2FA for your Patchworks login
To enable 2FA for Patchworks, follow the steps below:
Step 1 Log into the Patchworks dashboard.
Step 2 Select settings (from the bottom of the left-hand navigation menu):
Step 3 Select my account settings:
Step 4 Select the multi-factor authentication tab:
Step 5 Click the enable button:
...setup information is displayed with a QR code:
Step 6 Open your preferred authenticator app and scan the QR code.
Step 7 Your authenticator app will generate a 2FA code, which you should enter in the Patchworks multi-factor authentication tab, then click confirm::
Step 8 A set of recovery codes is displayed, which can be used in the event that you can't access your authenticator app for any reason. Copy these codes somewhere secure (such as a password manager).
Step 9 Click the copied button to confirm that you've copied recovery codes - the setup is now complete:
The next time that you log into Patchworks, you'll be prompted to enter a 2FA code (generated by your authenticator app) before you can access the dashboard:
Disabling 2FA for your Patchworks login
To disable 2FA for Patchworks, follow the steps below:
Step 1 Log into the Patchworks dashboard.
Step 2 Select settings (from the bottom of the left-hand navigation menu):
Step 3 Select my account settings:
Step 4 Select the multi-factor authentication tab:
Step 5 Click the disable MFA button:
Step 6 When prompted, confirm your decision:
Last updated
