Using two-factor authentication with your Acquia user account | Cloud Platform

This page describes how to sign in to the Cloud Platform user interface with two-step verification. For information on how to enable two-step verification for all users on your Acquia subscription, see Setting up two-step verification.

What is two-step verification?¶

Two-factor authentication (TFA), sometimes called two-step verification, is more secure than password authentication alone. With two-step verification enabled, a user signing in to the Cloud Platform user interface must supply not only a user email address and password, but also a code sent to a trusted device, using either an authentication application or an SMS text message.

The Cloud Platform user interface requires you to sign in again if it has been more than 90 minutes after the last time you signed in.

Supported mobile authentication applications¶

Acquia two-step verification supports the following mobile authentication applications:

Google Authenticator (Android, iPhone, or BlackBerry)
Authy (Android or iPhone)
Microsoft Authenticator (Android or iPhone)
FreeOTP (Android)
Other mobile authentication application, as long as it works with the Time-based One-time Password Algorithm (TOTP) (RFC 6238)

Setting up two-step verification on an Acquia user account¶

When you sign in to the Cloud Platform user interface, you are directed to the Two-step Verification setup page. You can enable or disable two-step verification at any time from your Acquia Profile, as described in Modifying two-step verification settings.

To set up two-step verification:

Select how you want to receive verification codes (mobile authentication application or text message). Acquia recommends using a mobile authentication application. Using text messages is possible only for US or Canada phone numbers that can receive SMS messages.
Enter your Acquia password.
Click Begin to go to the next page.

The two-step verification setup process continues based on the method you selected for your verification codes:
If you selected Mobile Application as your verification method:
1. Select the mobile authentication application you want to use, and click Continue to go to the next page. For more information, see Supported mobile authentication applications.
2. Open your mobile authentication application on your phone or other device. Either point it at the QR code displayed on the Two-step Verification Code page, or enter the Acquia Text Code.
3. In the Application verification code field on the Two-Step Verification Code page, enter the verification code displayed by your mobile authentication application.

Setting up a fallback method¶

After you set up two-step verification, you should then set up a fallback method. This is optional, but strongly recommended. If you set up a mobile authentication application as your primary method of verification, SMS text message is your fallback method, and vice versa.

If you set up a mobile authentication application as your primary method of verification:

Enter your mobile telephone number.

Your telephone number must be a US or Canada number and that can receive SMS messages. Standard carrier rates may apply.
Click Set up fallback.

You will receive a verification code at the phone number you specified.
Enter the verification code you received into the SMS verification code field, and click Continue.

Using your fallback method¶

To use your fallback method, when you are prompted for a verification code, click the Having trouble? link. Acquia sends a verification code using your fallback method. Enter the code and click Verify.

Recording your recovery codes¶

As another form of fallback verification, when you set up two-step verification, Acquia creates a set of recovery codes you can use to gain access to your account when you don’t have your phone available. You should print or write them down and store in a secure place. Acquia strongly recommends you do not store your recovery codes on a device.

You can view your recovery codes if you are already signed in to the Cloud Platform user interface, on your Profile > Credentials page.

Using a recovery code¶

To use a recovery code:

Sign in to the Cloud Platform user interface with your email and Acquia password.
Click the Having trouble? link or Don’t have your code? link when prompted for your verification code.
Enter your recovery verification code and click Recover.

After you have recorded your recovery codes, click Finish.

Modifying two-step verification settings¶

You can modify your two-step verification settings at any time. To do so:

Sign in to the Cloud Platform user interface.
Click your name in the upper right of the user interface, and click the Account Settings link to open your Acquia profile.
In your Acquia profile, click Credentials.
On the Credentials page, in the Two-Step Verification section, edit the settings you want to change.

You can change your primary and fallback verification methods (mobile authentication application or SMS text message), and phone number. You can also view your recovery codes.

Authorizing a new device¶

If you get a new phone, you can install the mobile authentication application of your choice on the new phone and then modify your Profile > Credentials settings in the Cloud Platform user interface with a new verification code. If you must enter a verification code to sign into the Cloud Platform user interface, you can:

Use your fallback method.
Use a recovery code.

If neither of these methods work or are available to you, click the Still having trouble? Contact us link to obtain a phone number which you can use to create a Support ticket.