By using the two-factor authentication (2FA) you can easily increase the security of your own user account. You simply confirm your identity by combining two different particularly independent components (=factors). The two factors consist of your login password and a time-limited one-time password from another application.
Activating / setting up the 2FA
You can activate the two-factor authentification in your browser / desktop app within the settings of your user account in the tab Profile. Just click the slider next to "Two-Factor Authentification" and enter your login password for verification. Afterward, a page including step-by-step instructions on how to activate the two-factor authentication will open.
Activate the two-factor authentification in your account settings
The following steps are necessary during the activation process:
1.) An extra app for authentification is required to generate your access codes.
Please download on a mobile device for example one of the following applications: Google Authenticator, Duo Mobile, Authy oder Microsoft Authenticator.
Get an app that generates your access codes
2.) Open the previously downloaded authentication app and click on the plus symbol to add a new account. Afterward, scan the QR code that is displayed in your personal instructions on Stackfield. (Attention: Do not scan the "sample" code shown here!)
Scan the QR code displayed on Stackfield
3.) Now, a 6-digit code will be generated. Simply copy and paste it into the corresponding field in your personal instructions on Stackfield and click "Verify and Activate".
Enter the generated verification code when logging in
4.) Finally, your backup codes will be displayed. Make sure to store them somewhere safely outside of Stackfield!
IMPORTANT: Why is that necessary? In case you lose access to your mobile phone or have any problems with your access codes, the backup codes, which were created during the activation of the two-factor authentification, are the only possibility to access your account. Save and / or print your backup codes multiple times and keep them safe! Do not send the codes unencrypted, as they can be used to log into your account!
It is best to print out your backup codes
How to log in using the 2FA
Log into Stackfield as usual by entering your email adress and your password. After that, a second prompt will appear, and you can enter the authentication code for the two-factor authentication.
Enter the authentification code to log in
To receive your current authentification code, open your chosen app on your mobile device and select the stackfield account. Now, a 6-digit code will be displayed, which must be entered on Stackfield. Keep in mind that the code is only valid for a certain amount of time. After its expiration, a new code has to be generated. (Apps like Authy show you how long the code is valid.)
What if the generated 2nd factor (code) is not accepted when logging in?
Since time-dependent codes are used when using two-factor authentication, it is necessary to set the time correctly on the mobile device. There are two different ways to solve this problem:
- Set the time of your mobile device to "Automatic date / time" (Procedure: iOS / Android).
- Use the "Synchronize time" function of the authentication app you downloaded. (This function is not available within all apps!)
In case no valid code can be generated, use your backup codes when logging in. Deactivate the two-factor authentification afterwards so you can use another app when setting it up again.
Deactivating the 2FA
You can deactivate the two-factor authentification in your browser / desktop app within the settings of your user account in the tab Profile. It can be activated / set up again at any time. By deactivating / activating the two-factor authentification it is also possible to change the app.
Deactivate the two-factor authentification within the settings of your user account
Where can I view my backup codes and create new
ones?
View backup codes
To view your backup codes, open your user profile settings in the browser / desktop app and click the button "Show your backup codes" in the "Login" section of the Profile tab.
Show backup codes
Note: Store your backup codes securely outside of Stackfield if you haven't already.
Generate new backup codes
To generate new backup codes, disable the two-factor authentication and enable it again / set it up again. Stackfield will then generate new backup codes for you.
Loss / change of the mobile device
If you lose access to your mobile device, you will need to access your Stackfield account via the browser / desktop app. In case you are no longer logged in on the computer, you will need to use your backup codes. These can be used in the same way as the codes generated by the app.
Next, deactivate the two-factor authentication and set it up on your new mobile device by activating it again. Some authentication apps also sync automatically via the cloud when you switch devices. In this case, you can continue to use the two-factor authentication as usual and do not have to deactivate it first.
Options for admins
Within the business plan, each user can decide for themselves whether they want to activate the two-factor authentication (by default, it is disabled).
Starting with the premium plan, admins of the organization can optionally make the usage of two-factor authentication mandatory for all users*. Simply click on the tab Permissions in the organization settings and activate the slider below "Organization Access". Now, the activated two-factor authentication is the only way for users to access the content of the organization.
Make the two-factor authentification mandatory for all users
If the two-factor authentication has not been set as mandatory, the user can decide for themselves.