Two-factor authentication (TFA), sometimes called two-step verification adds an extra layer of security beyond a password. Acquia recommends enabling TFA on your Cloud Platform account, which requires using an authentication app like Google Authenticator or Authy along with your email and password. TFA is mandatory to access any TFA-enabled application in Cloud Platform.

Supported mobile authentication applications¶

Acquia supports TFA through the following mobile authentication applications:

• Google Authenticator (Android, iPhone, or BlackBerry)
• Authy (Android or iPhone)
• Microsoft Authenticator (Android or iPhone)
• FreeOTP (Android)
• Other mobile authentication application, as long as it works with the Time-based One-time Password Algorithm (TOTP) (RFC 6238)

Setting up TFA on your Acquia user account¶

To set up TFA:

1. Sign in to the Cloud Platform user interface.
2. Click your profile icon at the top right corner.

3. Click Account Settings. 

   
4. In Multi-factor Authentication, click the plus (+) icon.
5. Specify your account password and click Verify.
6. In Authenticator, click Set up.
7. Launch your mobile authentication application and scan the QR code. 
   Alternatively, if you are unable to scan the QR code through your application, do the following:
   1. Open the mobile authentication application on your phone or other device.
   2. Click the plus (+) icon.
   3. Click Enter a setup key.
   4. In Account name, enter your Acquia account username.
   5. In Your key, specify the code displayed on the Set up Authenticator page.
8. In Enter code, specify the verification code displayed in your mobile authentication application.
9. Click Verify.

Modifying TFA settings¶

To modify your TFA settings:

1. Sign in to the Cloud Platform user interface.
2. Click your profile icon at the top right corner.
3. Click Account Settings.
4. In Multi-factor Authentication, click the delete icon corresponding to the existing authenticator.
5. Select one of the following options:
   • Authenticator
   • Password
6. Based on your selection in the preceding step, do the following. For example, if you select Authenticator:
   1. Specify your code.
   2. Click Verify.
   3. Specify your password.
   4. Click Verify.
      This removes the existing mobile authenticator configuration from the system.
7. To configure a new mobile authentication application, follow the steps in the Setting up TFA on your Acquia user account section. 

Authorizing a new device¶

If you get a new phone, you can install the mobile authentication application of your choice on the new phone and modify your settings in the Cloud Platform user interface with a new verification code. If you are unable to log in to the Cloud Platform user interface, create a Support ticket.