Two-Factor Authentication

How to set up Two Factor in SuiteCRM 8?

Visit your user profile and there will be a new "Two-Factor Authentication" tab.

2FA in Profile

This tab will show the Status of the Users 2FA and the configuration button (only Status for admins viewing profiles).

The Two Factor Configuration button will bring you to the page to enable Two-Factor Authentication.

Enable 2FA Page

2FA QR Code

After enabling 2FA a QR Code will show. Scan that on your authenticator app. Enter the code the app shows.

Unable to scan the QR Code?

If you are unable to scan the QR code then you can get the secret to manually input it.

Select Unable to scan the QR Code?

QR Code Secret

If you need to add more than the code when setting up manually check out the Extra Config section.

After Enabling

Enabled 2FA

After enabling a set of Recovery/ Backup codes will show.

What are Recovery/ Backup Codes?

Backup codes are one time codes that can be used when you are unable to log in with your authenticator app. After using a code once you will not be able to use it again.

The 10 Backup Codes will only show after verifying your authentication code and will not show again when revisiting the page.

Regenerating Backup Codes

You can regenerate backup codes via the Two-Factor Configuration page. You will have to re-enter your authenticator code.

Regenerate Codes

How to Disable Two-Factor Authentication

Disabling Two-Factor Authentication will require you to re-enter your authentication code.

It can be done via the Two-Factor Configuration page.

Disable 2FA

Other ways to disable

Admins can also disable the 2FA for users via their profile. If the user has 2FA enabled a new "Disable 2FA" action will appear for Admin users, that will allow Admins to disable 2FA for that user.

Disable via Profile

Two-Factor on Login

If 2FA is enabled for your user, after login there will be a popup to enter your authentication code.

2FA Login

Extra Configuration

When setting up Two-Factor manually on some applications you may be asked to provide more information:

  • TOTP

  • Time based

  • Interval: 30 secs

  • Digits: 6

  • Sha: 1

Content is available under GNU Free Documentation License 1.3 or later unless otherwise noted.