Protect your Ziflow account with two-factor authentication (2FA). In addition to your password, you'll verify your identity using a one-time code generated by an authenticator app on your mobile device.
Available for licensed users on:Free Standard Pro Enterprise
How two-factor authentication works
Two-factor authentication adds a second layer of security to your account by requiring a verification code each time you sign in from an untrusted device.
By default, 2FA is available for all Ziflow users. Enterprise administrators can also require 2FA for all users and control whether trusted devices are allowed.
Supported authenticator apps
Ziflow users can use any of the following authenticator applications. Install one of the following on your mobile device.
Duo Mobile (Android & iOS)
Set up your authenticator app
The setup process is similar for all supported apps:
- Go to Settings > My Profile and under Two-factor Authentication, select Configure.
- Verify your identity.
- Open your authenticator app on your mobile device and select Ready to scan.
- Add a new account in your authenticator app.
For app-specific instructions, refer to the documentation for:Duo Mobile (Android & iOS)
- Scan the QR code or enter the setup key from Ziflow.
- Enter the generated verification code in Ziflow to complete setup.
Important: Copy and save the recovery code that appears on the page after set up. You can use it to access Ziflow if you lose your mobile device. To use your recovery code, see Use your recovery code.
The next time you sign in to Ziflow, you'll be prompted to provide an access token generated by your authenticator app.
Use a trusted device
A trusted device lets you sign in without entering a verification code every time.
When you select Trust this device during sign-in, Ziflow remembers that device so you won't be prompted for a verification code for up to 30 days.
Trusted devices are available only when:
- 2FA is enabled.
- Your organization allows trusted devices.
If you don't see the option to trust your device, contact your Ziflow administrator.
Manage trusted devices
You can review and remove trusted devices from Settings > My Profile > Two-factor Authentication.
For security:
- Use trusted devices only on devices you own or control.
- Protect trusted devices with a password or biometric authentication.
- Regularly review and remove devices you no longer use.
Trusted device expiration
A trusted device expires:
- 30 days after the last successful 2FA authentication, or
- after seven days of inactivity.
Once it expires, you'll be asked to verify your identity again.
Multiple Ziflow accounts
If you belong to multiple Ziflow accounts and any account requires 2FA, you'll be required to authenticate with 2FA when signing in.
The same rule applies to trusted devices. If trusted devices are disabled in any account you belong to, you won't be able to use them across your connected Ziflow accounts.
If your organization uses trusted accounts, these rules follow the trusted account relationship between tenants.
Disable two-factor authentication
To remove 2FA from your account:
- In Ziflow, go to Settings > My Profile > Two-factor Authentication.
- Select Remove.
- Enter your password.
- Enter a verification code from your authenticator app.
- Confirm that you want to disable 2FA.
Recover access to your account
Use your recovery code
If you lose access to your authenticator app, you can sign in using the recovery code generated when you enabled 2FA.
After signing in with a recovery code, you'll receive a new recovery code. Store it in a secure location.
Generate a new recovery code
If you still have access to your authenticator app but misplaced your recovery code:
- In Ziflow, go to Settings > My Profile > Two-factor Authentication.
- Select Regenerate.
- Verify your password.
- Enter a verification code from your authenticator app.
A new recovery code is generated immediately.
Ask an administrator to reset 2FA
If you've lost both your device and recovery code, ask a Ziflow administrator to reset 2FA for your account.
When the reset is initiated:
- You'll receive a confirmation email that's valid for 15 minutes.
- Select the link in the email to confirm the reset.
- Sign in with your password.
- Configure 2FA again if you want to continue using it.
If no administrator is available, contact Ziflow Support using the email address associated with your Ziflow account.
Additional information
- Only licensed users can enable 2FA.
- 2FA is supported for Single Sign-On (SSO) accounts.
- The Legacy Ziflow Viewer does not support two-factor authentication.
Related to
Comments
0 comments
Please sign in to leave a comment.