This article will walk you through how to set up Two-Factor Authentication for an account. When you enable 2FA with the new sign-in, you will have to use your password and a verification code to successfully log in.
There are two authentication methods available:
Authenticator App (recommended): This is the strongest and most reliable option for protecting accounts.
Email: A good fallback for users who can’t or don’t want to use an authenticator app, while still improving security compared to password-only login.
Important Notes
CivicPlus recommends that every user enables Two-Factor Authentication to provide enhanced security. This industry-standard security convention requires users to use both their password and a secondary form to prove their identity at sign-on, hence the term two-factor.
A user cannot have both the authenticator app and email authentication options enabled at the same time. If a user enables email authentication and then adds an authenticator app, the system will default to the authenticator app method.
Add an Authentication App
Navigate to the Password & Security tab

Click Add Authentication App under the Two Factor Authentication section

Follow the instructions to configure an authenticator app by opening or installing any time-based, one-time passcode (TOTP) app on your desktop or mobile device, adding the authenticator key using the QR code or copy-paste, entering the unique code generated for you by the app, and selecting Verify

Examples of TOTP apps:
Microsoft Authenticator
Browser-based options like Authenticator.cc
Save the presented list of Recovery Codes in case you ever lose access to the app
Signing in will require the time-based, one-time passcode from your authentication app every time you sign in

Add Email Authentication
Navigate to the Password & Security tab

Click Add Email Authentication under the Two Factor Authentication section

An email will be sent to your account’s email address. Copy the code from the email.

Note:
If you did not recieve the email code, click Resend Authentication Code on your account page to resend the email.
Paste the Authentication Code on your account page and click Verify

Email Authentication will now show as Enabled on your account

You will now be sent an email authentication code that you will need to enter every time you sign in to your account

Reset 2FA Settings
Resetting your 2FA settings will remove all your current 2FA methods, delete your authentication keys, and remove your recovery codes.
Important Note
If your organization requires 2FA, you will be prompted to re-enable two-factor authentication the next time you log in.
Navigate to the Password & Security tab

Click the Reset 2FA Settings button

Click Confirm Reset on the pop-up

Your two-factor settings will be removed, and you can now re-set up an authenticator app or email authentication
Disable 2FA on Your Account
This will remove all your current 2FA methods, and you will need to set up 2FA again if you want to use it in the future.
Important Note
If your organization requires 2FA, you will be prompted to re-enable two-factor authentication the next time you log in.
Navigate to the Password & Security tab

Click the Disable 2FA button

Click Confirm Disable on the pop-up

Your two-factor settings will be removed, and you can now re-set up an authenticator app or email authentication

