Comment on page
Multi-factor authentication
Set up multi-factor authentication on your decube workspace to ensure security for all your users.
To enforce MFA for your organization, you will need to be an Owner or have permission to
Manage access for organization
. You will also need to enable the MFA on your account first before you can enforce it on behalf of your organization. The enabling of MFA is completely optional but recommended.To enable MFA on your account, head over to the Update Profile page and click on
Set Up
in the Multifactor Authentication section.
Under the Update Profile page in the My Account, you can now click on Set Up in the Multifactor Authentication.
In the first-time setup, you will have to scan the QR code with an authenticator app in your device (such as Google Authenticator, Microsoft Authenticator, Authy etc.) to generate a single use code. Enter the generated 6-digit code in the verification field.
The QR code is only valid for 1 minute, and the page will time out in 3 minutes; otherwise you will need to sign in again.

First-time setup for MFA.
After you have successfully validated the verification code, you will be shown a recovery code for your account. Ensure that you copy and keep the recovery code safely as you will need this to access your account in case you do not have access to your device.
The recovery code is one-time use only. Once you have used your recovery code, you will need to set up the MFA again on your account.

Toggle on the Multifactor Authentication to enforce it for your organization
You can navigate to the Org Settings in My Account to toggle on the Multifactor Authentication section to force all users to set up their MFA settings on the next login.
If you have your recovery code which was shown when you set up your account, you can use the recovery code on the MFA verification page which will disable the MFA on your account. If MFA is enforced across your organization, you may need to set up MFA again.
In case you have not kept your recovery code, to regain access to your account, we will need to verify that you are the owner of the account. In this case, write to us at [email protected] and CC your organization owner. Once your organization owner verifies that your request is legitimate (by replying to your email), we will proceed to disable the MFA on your account.