Two-Factor Authentication (2FA)

A Time based One Time Password (TOTP) is a temporary passcode generated by an algorithm that uses the current time of day as one of its authentication factors. Time based One Time Passwords provide additional security as even if a user's traditional password is stolen or compromised, an attacker cannot gain access without the TOTP, which expires quickly. The Two-Factor Authentication (2FA) tab will only be displayed if the "Enable Time based One Time Password (TOTP)" option is enabled in the user's service plan. If you cannot find this option in your account, upgrade your service plan. Time based One Time Password (TOTP) can be used as a secondary authentication method for login, server-side signing, and document opening.

Configure two factor authentication

  1. Click "Configuration" then click "Two-factor authentication" under Profile & Security options in Personal Configuration section.

  2. Click "Enable Two-Factor Authentication" button.

  3. The 'Configure Two Factor Authentication' dialogue will appear to configure two factor authentication.

  4. To configure the two-factor authentication (2FA) the user will need to install an authenticator app (Google Authenticator, Microsoft Authenticator, etc.) on their mobile device. The 'Configure Two-Factor Authentication' dialogue shown to the user will contain:

    • QR Code

    • Manual Key

    • Recovery Codes

    To set up two-factor authentication (2FA), the user can either scan the QR code or manually enter the Manual Key into an authenticator app. After successful registration, the user must provide the Time-based One-Time Password (TOTP) generated by the app to proceed in SigningHub. A set of recovery codes is also provided in the configuration dialog, which can be used in place of a TOTP to regain access if the user loses access to their mobile device. Each recovery code is valid for one-time use only, and it is strongly recommended to store them in a secure location. Users can regenerate a new set of recovery codes anytime from the Manage Two Factor Authentication (2FA). If an enterprise user loses access to both their mobile device and recovery codes, or has used all of them, they can contact their enterprise administrator to reset the two factor authentication (2FA) for their account.

  5. Once the registration is successful, the user can provide the automatically generated Time based One Time Password from the Authenticator app to SigningHub and click the "Configure" button.

Manage two factor authentication

  1. Click "Configuration" then click "Two-factor authentication" under Profile & Security options in Personal Configuration section.

  2. To disable two factor authentication, click on the "Disable Two-Factor Authentication" button.

  3. To regenerate the recovery codes, click on the "Regenerate recovery codes" button. You will be prompted to provide the Time based One Time Password. In case you do not have access to your mobile phone, you can also input a recovery code, that has not been used before, in place of the Time based One Time Password.

PreviousAuthorised devicesNextSecurity

Last updated

Was this helpful?