Two-Factor Authentication (2FA)

Two-factor authentication (2FA) adds an extra layer of security to your EMDESK account. When enabled, you need both your password and a time-based one-time code from an authenticator app to sign in. This helps protect your account even if your password is compromised.

Overview: You can enable and manage two-factor authentication in your User Profile Settings. During login, you will be prompted for a 6-digit code from your authenticator app after entering your password.

In this article:

Before you start

To use two-factor authentication, you need an authenticator app installed on your phone or device. Common options include:

App App Store (iOS) Google Play (Android)
Google Authenticator Download on the App Store
QR code for Google Authenticator on App Store		 Get it on Google Play
QR code for Google Authenticator on Google Play
Microsoft Authenticator Download on the App Store
QR code for Microsoft Authenticator on App Store		 Get it on Google Play
QR code for Microsoft Authenticator on Google Play
Authy Download on the App Store
QR code for Authy on App Store		 Get it on Google Play
QR code for Authy on Google Play

Tip: Reading this on your computer? Scan the QR code with your phone camera to open the app directly in your device's app store.

These apps generate time-based one-time codes (TOTP) that refresh every 30 seconds. Any app that supports TOTP will work with EMDESK.

Note: Two-factor authentication is available for users who log in with an email and password. If you log in exclusively via Microsoft SSO, your account is already secured through your organization's Microsoft identity provider.

Enable two-factor authentication

Step 1: Start the setup


1

Click your profile photo at the top right and select Profile.

2

Scroll to the Two-Factor Authentication section.

3

Click Enable 2FA.

Step 2: Scan the QR code

1

A QR code appears on screen. Open your authenticator app and scan the QR code.

2

If you cannot scan the QR code, click the manual entry key shown below the QR code and type it into your authenticator app.

3

Your authenticator app will now display a 6-digit code that refreshes every 30 seconds.

Step 3: Verify and save recovery codes


1

Enter the 6-digit code from your authenticator app into the verification field and click Verify & Enable.

2

After successful verification, EMDESK displays your recovery codes. These are single-use backup codes you can use to sign in if you lose access to your authenticator app.

3

Save your recovery codes in a secure place. You can use the Copy All button to copy them to your clipboard or Download as .txt to save them as a file.

4

Tick the checkbox "I have saved my recovery codes in a safe place" and click Done to complete the setup.

Important: Recovery codes are only shown once during setup. If you lose both your authenticator app and your recovery codes, you will need to contact support to regain access to your account. Store them securely.

Log in with two-factor authentication

Once two-factor authentication is enabled, the login process requires an additional step:

1

Enter your email address and password on the login page as usual and click Sign In.

2

A second screen appears asking for your 6-digit authentication code.

3

Open your authenticator app and enter the current 6-digit code. The code is submitted automatically once all 6 digits are entered.

4

After successful verification, you are logged in to EMDESK.

Note: The verification code expires after 5 minutes. If the code expires, you will need to start the login process again from the beginning.

Use a recovery code

If you don't have access to your authenticator app (e.g. lost or broken phone), you can use one of your recovery codes to sign in:

1

On the two-factor authentication screen during login, click "Use a recovery code instead".

2

Enter one of your saved recovery codes (format: XXXXX-XXXXX) and click Sign in.

Note: Each recovery code can only be used once. After using a recovery code, you will receive an email notification showing how many codes you have remaining. If you are running low, regenerate your recovery codes as soon as possible.

Tip: After signing in with a recovery code, consider setting up your authenticator app again on your new device and regenerating your recovery codes.

Regenerate recovery codes

You can generate a new set of recovery codes at any time. This is recommended if you have used some of your codes or suspect they may have been compromised.


1

Go to Profile and scroll to the Two-Factor Authentication section.

2

Click Regenerate Recovery Codes.

3

Enter your password to confirm.

4

A new set of recovery codes is displayed. Save them in a secure place using the Copy All or Download as .txt options.

Important: Regenerating recovery codes immediately invalidates all previous codes. Make sure you replace any stored copies with the new codes.

Disable two-factor authentication

If you no longer want to use two-factor authentication, you can disable it from your settings:

1

Go to Settings and scroll to the Two-Factor Authentication section.

2

Click Disable 2FA.

3

Enter your password to confirm.

Two-factor authentication is now disabled. You will receive a confirmation email. You will only need your email and password to sign in going forward.

Note: If you did not disable two-factor authentication yourself, change your password immediately and re-enable 2FA. Your account may have been compromised.

Security notifications: EMDESK sends you an email whenever a significant change is made to your two-factor authentication settings, including when 2FA is enabled or disabled, when a recovery code is used, or when multiple failed verification attempts are detected. These emails include details such as the time, IP address, and browser used. If you receive an unexpected notification, secure your account immediately.

Did this answer your question? Thanks for the feedback There was a problem submitting your feedback. Please try again later.

Related Articles