Introduction


Two-factor (2FA) or multi-factor authentication (MFA) is an additional security layer for your business. This helps you address the vulnerabilities of a standard password-only approach.


Enabling the 2FA feature will add one more step to the login process. In addition to providing the correct username and password, you will be required to enter a One Time Password.


The methods that we provide for 2-Factor Authentication are:

Email:  With this method, every time you log in, you receive an email to the mail address of your RushFiles user, containing your authentication code. You will then need to type in this code before access is granted.

Authenticator application:  Login with an authenticator application. This method is also known as TOTP (Time-based One-time password). Using this method, you can setup 2FA by scanning a QR code using a TOTP based smartphone application, like Google Authenticator or Microsoft Authenticator. The application then continuously generates the authentication codes that you can use to authenticate yourself.



Note All Your user profile is only affected by 2FA settings that are set on your primary account. You will not be affected by 2FA policies and options set on accounts other than your primary account.
 



In this article:

1. How do I enable/disable 2FA for my user profile?

2. Setting up 2FA with Authenticator app

3. Setting up 2FA with Email code authentication

4. Editing and disabling 2FA settings

5. I am forced to setup 2FA when logging in, why?

6. I have lost access to the email address or device I'm using for 2FA. How can I log in?

7. I have set up 2FA in the Profile menu, but I'm not prompted to give an authentication code when logging in, why?






1) How do I enable/disable 2FA for my user profile?


Once the company administrator of your primary account has enabled the option to use 2FA on your account, you can set it up for your user profile in the Profile menu of the web client.


✔    Log in to the web client.

✔    Click on Profile.

✔    Click on Edit two-factor authentication settings.



✔    Type in your password again in the security pop-up.

✔    Choose either Email code or Authentication app method, and continue reading this article to see the next steps with each of these methods.








2) Setting up 2FA with Authenticator app.


As soon as you select "Authenticator app" as your 2FA method, you will see on-screen instructions that you have to perform to connect your authenticator app with your RushFiles profile.


✔    If you have not done so yet, download an authenticator app to your mobile device. We recommend either Microsoft Authenticator. You can find download links to them on the 2FA setup page, or below:


iOS - Microsoft Authenticator | Google Authenticator

Android - Microsoft Authenticator | Google Authenticator

Windows Phone - Microsoft Authenticator


✔    Start your authenticator app and add a new account.

✔    Scan the QR code or use input the key displayed in bold on the 2FA setup page in RushFiles into your authenticator app.



✔    Type in the authentication code that you see in the authenticator app to finalize the setup.



✔    You'll now see 10 recovery codes that you can use to log in to your account a single time in case you don't have access to the email address or authenticator app used with your profile. Make sure to save these in a safe place. After all 10 have been used up, you'll receive 10 new ones. You can always see your recovery codes by coming back to the Edit two-factor authentication settings page.

✔    Your user profile is now protected with two factor authentication.

✔    The next time you try to log in, after validating your password, you will also need to type in the authentication code that you see in your authenticator app.






3) Setting up 2FA with Email code authentication


✔    After choosing Email code from the 2FA options, click Save.

✔    Your user profile is now protected with two factor authentication.

✔    The next time you log in, you'll receive a mail to the email address that you use with RushFiles that contains the authentication code you need to use to log in to RushFiles.



Note You don't receive recovery codes with the Email code option.
 







4) Editing and disabling 2FA


After enabling 2FA, you have the option to edit your existing settings or disable 2FA altogether, unless your company administrator has enforced the use of 2FA on your primary account.


First, you'll need to navigate to the Edit two-factor authentication settings page in the Profile menu.


Switching authenticator apps/devices:

✔    Click on Reconfigure authenticator app.

✔    Scan the QR code or type in the key you see on the screen into your authenticator app.

✔    In the field at the bottom of the screen, type in the authentication code that's shown in your authenticator app.

✔    Click Save.

✔    If you have access to the previous device/app used for authentication, you may remove the previously setup account from the authenticator app on that device.

✔    Scan the QR code or type in the key you see on the screen into your authenticator app.


Switching between authenticator app and email code verification:

✔    Choose the method you want to switch to in the dropdown menu.

✔    If you've chosen authenticator app, follow the on-screen instructions to set it up again.

✔    If you change to email code, then simply click Save. You'll receive an authentication code to your email address at your next login.


Disabling 2FA:

✔    In the dropdown, choose "None selected"

✔    Click Save.



Note If you can't see a "None selected" option, it means that your company administrator has enforced the use 2FA on your primary account, so you don't have the option to disable it. Contact them to change this.
 






5) I am forced to set up 2FA when logging in, why?


This means that your company administrator has enforced the use of 2FA for users on your account, including you. The on-screen instructions will guide you through the process, or you can refer to the steps in sections 2) and 3) in this guide.






6) I have lost access to the device I'm using for 2FA. How can I log in?


In this case, you have several options to regain access to your account:

Recovery codes  At the log in screen, type in your email address and password. When you're prompted to input your authentication code, click on "Log in with recovery code". Type in one of the still valid recovery codes and click on Log in to log in. Don't forget to change or disable your 2FA settings as a recovery code will only let you log in a single time.

Contact your account administrator  Ask a company administrator of your primary company account to disable 2FA on your profile temporarily. This will allow you to login once without an authentication code, so you can reconfigure or disable 2FA on your profile. In case your company administrator is enforcing the use of 2FA on the account, you'll need to setup 2FA at login.

Contact your reseller  If you don't have access to your recovery codes, nor are any company administrators available, contact your RushFiles reseller.






7) I have set up 2FA in the Profile menu, but I'm not prompted to give an authentication code when logging in, why?


This means that the administrator of your primary company account's administrator has not enabled 2FA on the account yet. Get in contact with them to change it.


Additionally, you don't have to repeatedly log in with 2FA from the same client, unless you have been inactive (the particular RushFiles client has been offline) for a period of time:


Web Client  24 hours

Windows (PC) Client  30 days

Mac Client  30 days

iOS Client  30 days

Android Client  30 days