Overview
Concord allows individual users to activate Two-Factor Authentication (2FA) (also called Double Authentication) on their accounts to protect them from unauthorized access. Users can use a 2FA app of their choice on their mobile phone or tablet.
*This feature is available for users that access Concord via email and password. Users who access Concord via company Single Sign on (SSO) or Google can activate 2FA in their respective identity provider's settings.
Activating Two-factor authentication
Enable Two-factor authentication in Settings
- From the Home page, select the gear icon at the bottom left-hand corner
- From the menu, select Settings
- You will be navigated to the Personal information page
- In the Two-factor Authentication section, click the Set up button
- Enter your Concord account password and click Continue
- The Enable two-factor authentication modal will open with instructions. If you don't already have one installed, download a 2FA app on your mobile device or tablet.
- Most one-time password (OTP) applications can be used with Concord.
- Examples of commonly used apps include Google Authenticator, Authy, and LastPass Authenticator. Open the app and scan the QR code from the modal.
- Open the app and scan the QR code from the modal
- Enter the verification code generated by the app into the field labeled Enter code
- Click the Activate button
Logging in with Two-factor authentication
- On the Login page, enter your email and password
- Open your two-factor authenticator app on your mobile device or tablet
-
Enter the code generated by your application or enter an unused recovery code
- Click Submit
Using a recovery code to access your account
Recovery codes can be used in an event where a user has lost their phone and is unable to access the
- On the Login page, enter your email and password
- Enter one of your unused recovery codes in place of a code provided by your Two-factor authentication app.
- Click Submit
If a user has lost their recovery codes and loses their mobile device, please reach out to Concord support at support@concordnow.com for assistance.
Note: Each recovery code can only be used once.
Disabling Two-factor authentication or changing your Two-factor authentication provider
- From the Home page, select the gear icon at the bottom left-hand corner
- From the menu, select Settings
- You will be navigated to the Personal information page
- In the Two-factor Authentication section, click the Set up button
- Confirm your Password
- Click the Disable 2FA button
Note: You can now safely remove the entry for your Concord account from your authentication app.
Viewing which users have Two-factor authentication enabled
Concord account Administrators and Team Managers can view which users have enabled Two-factor authentication by:
- From the Home page, select the gear icon at the bottom left-hand corner
- From the menu, select Settings
- You will be navigated to the Personal information page
- Navigate to Users under Company
- View the 2FA column
Two-factor authentication is set up by the user; admins are unable to require Two-factor authentication. The exception is when using single sign-on (SSO), and it is required through the SSO provider.
Users that have disabled or not yet activated will have Two-factor authentication will have Disabled listed in the 2FA column.