A Time based One Time Password (TOTP) is a temporary passcode generated by an algorithm that uses the current time of day as one of its authentication factors. Time based One Time Passwords provide additional security as even if a user's traditional password is stolen or compromised, an attacker cannot gain access without the TOTP, which expires quickly. The Two-Factor Authentication (2FA) tab will only be displayed if the "Enable Time based One Time Password (TOTP)" option is enabled in the user's service plan. If you cannot find this option in your account, upgrade your service plan. Time based One Time Password (TOTP) can be used as a secondary authentication method for login, server-side signing, and document opening.
Click "Configuration" then click "Two-factor authentication" under Profile & Security options in Personal Configuration section.
Click "Enable Two-Factor Authentication" button.
An email will be sent to your email address to configure two factor authentication.
To configure the two factor authentication (2FA) the user will need to install an authenticator app (Google Authenticator, Microsoft Authenticator, etc.) on their mobile device. The email sent to the user to configure two factor authentication (2FA) will contain:
QR Code
Manual Key
Recovery Codes
To set up, the user can either scan the "QR Code" or manually input the "Manual Key" in the Authenticator app. The list of recovery codes included in the configuration email can be used in place of a Time based One Time Password, once each recovery code, to regain access to your SigningHub account, in case you lose access to your mobile device. It is advised to save the recovery codes in a safe place. The user can however, regenerate a new list of the recovery codes from the Manage Two Factor Authentication (2FA) option.
Once the registration is successful, the user can provide the automatically generated Time based One Time Password from the Authenticator app to SigningHub and click the "Enable 2FA" button.
Click "Configuration" then click "Two-factor authentication" under Profile & Security options in Personal Configuration section.
To disable two factor authentication, click on the "Disable Two-Factor Authentication" button.
To regenerate the recovery codes, click on the "Regenerate recovery codes" button. You will be prompted to provide the Time based One Time Password. In case you do not have access to your mobile phone, you can also input a recovery code, that has not been used before, in place of the Time based One Time Password.