Multi-factor authentication
Set up multi-factor authentication on your decube workspace to ensure security for all your users.
Requirements
To enforce MFA for your organization, you will need to be an Owner or have permission to Manage access for organization. You will also need to enable the MFA on your account first before you can enforce it on behalf of your organization. The enabling of MFA is completely optional but recommended.
Enabling MFA on your account
To enable MFA on your account, head over to the Update Profile page and click on Set Up in the Multifactor Authentication section.
In the first-time setup, you will have to scan the QR code with an authenticator app in your device (such as Google Authenticator, Microsoft Authenticator, Authy etc.) to generate a single use code. Enter the generated 6-digit code in the verification field.
The QR code is only valid for 1 minute, and the page will time out in 3 minutes; otherwise you will need to sign in again.
After you have successfully validated the verification code, you will be shown a recovery code for your account. Ensure that you copy and keep the recovery code safely as you will need this to access your account in case you do not have access to your device.
The recovery code is one-time use only. Once you have used your recovery code, you will need to set up the MFA again on your account.
Enforcing MFA on your account
You are able to enforce MFA on your account by navigating to "My Account" > "Update Profile" tab.
To enable MFA on your account, it is compulsory to "Enable Sudo Mode". Upon enabling sudo mode, you will receive a OTP to your email. Without closing the window, go to your registered email and retrieve the OTP. Then, paste the OTP into the window.
Once the OTP verification has passed, you can enable MFA on your account by selecting "Set Up" under the MFA option.
Disabling MFA
To disable MFA on your account, on the same "My Account" > "Update Profile" tab, simply select "Disable"once you have pass the sudo mode verification.
Upon selecting "Disable", MFA has then been successfully revoked from your account and you will be redirected to the sign-in page again.
Enforcing MFA on organization users
You can navigate to the Org Settings in My Account to toggle on the Multifactor Authentication section to force all users to set up their MFA settings on the next login.
To enable MFA on your organization, it is compulsory to "Enable Sudo Mode". Upon enabling sudo mode, you will receive a OTP to your email. Without closing the window, go to your registered email and retrieve the OTP. Then, paste the OTP into the window. This opens up the option to enable the toggle for MFA.
Disabling MFA for your Organisation.
To disable MFA on your organisation, you may turn off the toggle under the "MFA" option upon passing the sudo mode verification.
FAQ
I can't access my account because I lost my device. How can I regain access?
If you have your recovery code which was shown when you set up your account, you can use the recovery code on the MFA verification page which will disable the MFA on your account. If MFA is enforced across your organization, you may need to set up MFA again.
In case you have not kept your recovery code, to regain access to your account, we will need to verify that you are the owner of the account. In this case, write to us at support@decube.io and CC your organization owner. Once your organization owner verifies that your request is legitimate (by replying to your email), we will proceed to disable the MFA on your account.
Last updated
