Two-factor authentication (2FA), also known as two-step verification, adds an additional layer of security to your Auvik account by requiring a one-time verification code in addition to your password.
Auvik requires 2FA for users who sign in with an Auvik username and password.
If your organization uses one of the following authentication methods, 2FA is managed by your identity provider instead of Auvik:
- Single sign-on (SSO)
- Microsoft Entra ID (formerly Azure Active Directory)
- Google Workspace
In these cases, users will complete 2FA through their identity provider during sign-in.
How Auvik 2FA Works
Auvik uses the Time-Based One-Time Password (TOTP) standard, which is supported by many authenticator applications, including:
- Microsoft Authenticator
- Google Authenticator
- Authy
- 1Password
- Bitwarden
- Other TOTP-compatible authenticator apps
Authentication codes refresh automatically every 30 seconds and can only be used once.
Set Up Two-Factor Authentication
When you sign in to Auvik for the first time using an Auvik username and password, you'll be prompted to configure 2FA.
To set up 2FA:
- Log in to Auvik.
- When prompted, open your preferred authenticator application.
- Scan the QR code displayed on the screen.
- Enter the one-time verification code generated by your authenticator app.
- Complete the sign-in process.
If you can't scan the QR code
If you're unable to scan the QR code:
- Click Can't scan the QR code?
- Copy or record the setup key that is displayed.
- Manually add an account to your authenticator application.
- Enter the setup key when prompted.
- Enter the generated verification code to complete setup.
Sign In Using 2FA
After completing setup, you'll be prompted for a verification code each time you sign in with your Auvik username and password.
- Enter your username and password.
- Open your authenticator application.
- Enter the current one-time verification code.
- Click Sign In.
Troubleshoot Verification Code Errors
If Auvik rejects a valid-looking verification code, verify the following:
- The date, time, and timezone on your mobile device are set automatically.
- Your authenticator application is synchronized with your device's clock.
- You are entering the most recently generated code before it expires.
- The account configured in your authenticator app matches the Auvik account you're signing into.
Many authenticator applications include a setting to automatically correct time drift. Enabling automatic time synchronization can resolve most invalid-code errors.
Lost Access to Your Authenticator App or Device
If you've lost access to the device that contains your authenticator application and can no longer sign in:
- Contact an administrator on your Auvik account and ask them to reset your 2FA token.
- After the reset, you'll be prompted to configure 2FA again during your next login.
If you're still logged in
If you're currently signed in to Auvik but need to replace or reset your authenticator device, follow the steps in Reset your two-factor authentication before removing access to your existing authenticator app.
Users Signing In Through SSO, Microsoft, or Google
If your account uses:
- Single sign-on (SSO)
- Microsoft Entra ID
- Google Workspace
and multi-factor authentication is enabled through that provider, Auvik does not manage your authentication codes.
To reset or troubleshoot 2FA, use the tools and recovery procedures provided by your identity provider.
Security Best Practices
To help protect your account:
- Use a trusted authenticator application rather than SMS-based authentication where possible.
- Keep your mobile device's date and time synchronized automatically.
- Secure your authenticator application with a PIN, password, or biometric authentication.
- If your authenticator app supports backup or recovery options, configure them before replacing or resetting your device.
- Remove old or unused authenticator devices when no longer needed.