Navigation

Manage Your Multi-Factor Authentication Options

Multi-factor authentication provides an additional layer of security for your Cloud Manager account.

Important

If an Organization Owner enables multi-factor authentication, all members of that organization must also enable MFA before they can access the organization.

When MFA is enabled, a user must provide their password as well as verification from another mechanism.

Cloud Manager provides the following factors for multi-factor authentication:

  • Okta Verify Mobile App
  • Google Authenticator
  • Email

You can enable one or more authentication mechanisms for your account. It is recommended that you enable at least two authentication mechanisms in case you lose access to one of them.

Configure Multi-Factor Authentication

If you currently have legacy two-factor authentication set up for your account, you must disable it before you set up multi-factor authentication.

To disable legacy 2FA, navigate to your User Preferences panel.

  1. Click on the dropdown menu labeled with your name in the upper right corner of the Cloud Manager UI.
  2. Click Legacy 2FA in the dropdown menu.
  3. Click the pencil icon icon to edit your legacy 2FA settings.
1
2

Select an authentication method.

Click the Set up button for your desired authentication method.

Set up an Authentication Method

  1. Download the Okta Verify app to your mobile device.
  2. Add a new account to the app.
  3. Scan the displayed bar code.
  4. Set up another authentication method, or click Skip for Now to complete the setup procedure.
  1. Download the Google Authenticator app to your mobile device.
  2. Tap the + icon to add an account.
  3. Scan the displayed bar code.
  4. Enter the six-digit verification code.
  5. Set up another authentication method, or click Skip for Now to complete the setup procedure.

Remove an Authentication Method

To remove an authentication method from your account, click the trash icon icon next to the method you want to remove.

Note

You must authenticate with an existing authentication method before removing an authentication method.