All Collections
People Management
Users & Contacts
Two-Factor Authentication (2FA) for Ziflow
Two-Factor Authentication (2FA) for Ziflow
Add an extra layer of security that requires users to provide two forms of authentication to access their Ziflow accounts.
Michał Sałyga avatar
Written by Michał Sałyga
Updated over a week ago

Summary: We're excited to announce the launch of a new security feature in Ziflow - Two-Factor Authentication (2FA).

In addition to the usual username and password, users must also provide a unique code generated by an authenticator app.

Available for: Enterprise edition only.


Enabling Two-Factor Authentication (2FA) in your account

The 2FA is turned on by default for all Ziflow Enterprise edition customers. However, in the near future, we plan to have an account setting that will allow Ziflow admins to control whether the 2FA is required for their users.


Supported methods of 2FA

Currently, Ziflow users may select four different applications for setting up the 2FA method. Users can decide which app should be installed on their mobile devices to start using 2FA. Here's a list of currently supported authentication apps:

How does it work?

Ziflow allows all Enterprise users to set up the 2FA. Users can open their profile and then configure the app used for two-factor authentication.

Enabling Two-Factor Authentication (2FA) in your account

To enable 2FA, go to your Ziflow profile settings and click on the Configure button.

2FA configuration in Ziflow

During this process, you'll be asked to give your Ziflow password, and after confirming it, you can set up your authentication app.


Read detailed instructions on how to set up authentication and sign in to Ziflow using 2FA:

Authy

To start using 2FA, please open the Authy app installed on your device and continue with the following steps:

  1. First, provide your country code and phone number.

  2. Then, verify your account by selecting one of the options (Authy on another device, WhatsApp message, SMS message, voice call).

  3. Next, enter provided code in the Authy app.

  4. Finally, accept adding a new device to your Authy account.

Once the Authy app is ready (linked with your device), you can connect your Ziflow account with Authy to start using 2FA.

  1. Open up your profile in Ziflow and click on the Configure button.

    2FA configuration in Ziflow

  2. Enter the Ziflow password to verify your identity:

    Verify identity before setting up 2FA in Ziflow

  3. You'll see a new window with a QR code and a place to enter the code. Please leave that window open for now.

    Scan QR code or copy activation code to your 2Fa app

  4. In Authy, please tap the (menu) icon in the upper right corner and then select Add Account.

  5. Tap the desired option, and follow the prompts:
    - Scan QR Code: Use this option to scan a QR code with your device's camera.
    - Enter key manually: Use this option to type a token code on your device manually.

  6. Select the icon (if desired) and, enter an account name, then tap Save.

  7. You'll now see a new 2FA code for this account in Authy. Please enter this code on your account page and submit it in Ziflow.

    Enter verification code copied from your 2FA app

  8. Remember to copy and save the backup code, which can be later used for access if you lose your mobile device.

  9. Next time you sign in to Ziflow, you'll be prompted to provide the access token generated by the Authy app.

    Sign in to Ziflow after providing token from 2FA app

If you need more information about setting up and using Authy 2FA, we recommend reading Authy's guide.


Google Authenticator

To start using 2FA, please open the Google Authenticator app installed on your device and continue with the following steps:

  1. Open up your profile in Ziflow and click on the Configure button.

    2FA configuration in Ziflow

  2. Enter the Ziflow password to verify your identity:

    Verify identity before setting up 2FA in Ziflow

  3. You'll see a new window with a QR code and a place to enter the code. Please leave that window open for now.

    Scan QR code or copy activation code to your 2Fa app

  4. Scan the QR code using a Google Authenticator app or enter the code from Ziflow directly in the app.

  5. Confirm adding a new account in Google Authenticator by pressing the Add Account button.

  6. After adding the Ziflow inside Google Authenticator, you can link both by entering the generated token into Ziflow.

    Enter verification code copied from your 2FA app

  7. Remember to copy and save the backup code, which can be later used for access if you lose your mobile device.

  8. Next time you sign in to Ziflow, you'll be prompted to provide the access token generated by the Google Authenticator app.

    Sign in to Ziflow after providing token from 2FA app

If you need more information about setting up and using Google 2FA, we recommend reading Google Help for 2-Step Verification.


Duo Mobile

To start using 2FA, please open the Duo Mobile app installed on your device and continue with the following steps:

  1. Open up your profile in Ziflow and click on the Configure button.

    2FA configuration in Ziflow

  2. Enter the Ziflow password to verify your identity:

    Verify identity before setting up 2FA in Ziflow

  3. You'll see a new window with a QR code and a place to enter the code. Please leave that window open for now.

    Scan QR code or copy activation code to your 2FA app

  4. Scan the QR code using your Duo Mobile app, or manually enter the activation code from Ziflow into the app.

  5. Confirm adding a new account in Duo Mobile by naming your account and then pressing the Save button.

  6. You can just back up your Duo account in Google Drive. This step is optional only if you'd like to back up your data in case you lose access to your device.

  7. After adding the Ziflow inside Duo Mobile, you can link both by entering the generated token into Ziflow.

    Enter verification code copied from your 2FA app

  8. Remember to copy and save the backup code, which can be later used for access if you lose your mobile device.

  9. Next time you sign in to Ziflow, you'll be prompted to provide the access token generated by the Duo Mobile app.

    Sign in to Ziflow after providing token from 2FA app

Check this article if you need more information about setting up and using Duo Mobile 2FA.


Microsoft Authenticator

To start using 2FA, please open the Microsoft Authenticator app installed on your device and continue with the following steps:

  1. Open up your profile in Ziflow and click on the Configure button.

    2FA configuration in Ziflow

  2. Enter the Ziflow password to verify your identity:

    Verify identity before setting up 2FA in Ziflow

  3. You'll see a new window with a QR code and a place to enter the code. Please leave that window open for now.

    Scan QR code or copy activation code to your 2Fa app

  4. Scan the QR code using a Microsoft Authenticator app or enter the activation code from Ziflow directly in the app.

  5. After adding the Ziflow inside Microsoft Authenticator, you can link both by entering the generated token into Ziflow.

    Enter verification code copied from your 2FA app

  6. Remember to copy and save the backup code, which can be later used for access if you lose your mobile device.

  7. Next time you sign in to Ziflow, you'll be prompted to provide the access token generated by the Microsoft Authenticator app.

    Sign in to Ziflow after providing token from 2FA app

If you need more information about setting up and using Microsoft Authenticator 2FA, we recommend reading the Sign in using two-step verification or security info.


Two-Factor Authentication troubleshooting


Switching off Two-Factor Authentication

To disable 2FA in your account, go to your Ziflow profile and click the Remove button under the Two-factor Authentication section. First, you must enter your Ziflow password and provide the security token from the 2FA app. Once the code is entered, you'll be asked if you want to remove 2FA authentication from your account.

 Switching off enabled Two-Factor Authentication

Ziflow access using 2FA recovery code

If you lose access to your mobile device linked with the 2FA app, we recommend using a backup code generated each time you set up a 2FA in Ziflow. The code should be kept safe since it allows the bypass of 2FA.

Screen with a backup code allowing to bypass 2FA in Ziflow

If you lost the backup code, go to the Two-factor Authentication section under your Ziflow profile, hit the Regenerate button, provide your Ziflow password, and enter the security code from the authentication app. This will regenerate the backup code that could be used in case of any problems with your device.

Regenerating a backup code to 2FA in Ziflow

With the backup code, you can quickly get into your account without providing a security token from the authentication app. Sign in to Ziflow using your credentials, and select the recovery code option. Once you enter the backup code, you'll be shown a new code and allowed to enter your Zfilow account.

Signing in to Ziflow with backup recovery code from 2FA

Retrieve Ziflow access with the help of the Ziflow administrator.

If your Ziflow account has been locked due to many failed login attempts using 2FA, or you lost your mobile device with a backup code, it's time to contact your account admin or Ziflow support to reset 2FA on your profile.

You'll see the following prompt on the login screen when your account gets locked due to too many failed login attempts.

Your account has been locked in Ziflow

If you cannot pass authentication due to a lost device and 2FA backup code, please get in touch with your account admin (Ziflow user with admin rights) and ask to reset 2FA in your profile.

Admins have a special button that allows resetting 2FA for other users using this type of authentication.

Reset 2FA button in Ziflow

When the reset action is initiated, a user will receive an email notification (valid for 15 minutes).

When the reset action is initiated, a user will receive an email notification (valid for 15 minutes)

This email contains a button (and URL) to confirm a 2FA reset.

Reset 2FA email

Once the confirmation button is clicked, you should see the following message, which means that 2FA has been disabled, and you should be able to sign in with your Ziflow credentials.

Two-Factor Authentication reset confirmation screen

Please remember that after the 2FA reset is complete, you'll need to set it up once again if you still want to use this type of authentication.

If any of your Ziflow account admins are not available to reset 2FA for you, please get in touch with Ziflow support, who can also assist with this process.


Additional information:

  • Only licensed users can configure the 2FA.

  • Two-Factor Authentication is available only for accounts not using the Single Sign-On.

  • Just so you know, Legacy Ziflow Viewer is not supported when using Two-Factor Authentication.

Did this answer your question?