Two-Factor Authentication or simply 2FA is a means of advanced security because its safety does not depend on a good password. Instead, there will be a second "layer". Hence, two-factor. Labforward offers this technology for new as well as existing accounts. The following article will first explain the process for new accounts, i.e. after creating an account. In the second part, it will explain for either if you deliberately chose to "set up later" or if you already had an account prior to the introduction of 2FA. Either way, you will need a smartphone and have either FreeOTP or Google Authenticator — as the authentication app — installed.

Note: It is not possible to enable 2FA for those who login using Google or Microsoft SSO (single-sign on). If you currently use SSO to login to your Labforward account and want to use 2FA then please get in touch with support.

How to activate 2FA after creating a new account

The creation of a new account will be as described in the article Creating a Labforward account. However, after email address confirmation, you will automatically be forwarded to the 2FA set-up form. You can either use the form as described below to activate 2FA or decide to do so later by clicking SET UP LATER. Account creation will be complete either way. The set-up form will have the following sections:

1. Decide whether using FreeOTP or Google Authenticator and install the respective app on your "device".
2. The "device" name will help you remember which smartphone or tablet or whatever other applicable hardware you were setting the authentication app up for.
3. The QR code needs to be scanned with the authentication app of your choice: "Scan QR code".
4. Once you have paired your device with your Labforward account, you will enter your first one-time code from the authentication app. Enter the code and click DONE to be forwarded to Labfolder profile page where you can complete your profile and start using Labforward platform.

Note: In case scanning is not an option or seems to fail, you can click on "Unable to scan?" to find the alternative procedure offering a 32 character code for manual transfer. In the app use "Enter a setup key". The rest, however, will be the same.

How to set up 2FA for an existing account

After login, navigate to Profile page and click on Settings, you will find a tile for 2FA flagged as "Disabled".

1. To start the process, click on the arrow symbol.

2. To make sure nobody is stealing your account while your not looking, you will have to enter your password and confirm by clicking LOGIN.

3. Now you can either click SET UP AUTHENTICATION to proceed, which will get you to the set-up form as introduce in the first paragraph (albeit in this context displayed as an overlay on the Profile page); or you can postpone once more by clicking on the arrow symbol in the upper left of the tile.

How to login with 2FA

Once 2FA is activated, you will always get the second login prompt after the first (email and password login). Open your athentication app and copy the one-time code as shown for Labforward IAM. Click AUTHENTICATE to finish.