What Is Bitrix24 OTP & How To Configure
To enable 2 step authorization, go to your Profile > Security section:
Follow the instructions provided at Extra Security Options page:
After 2 step authentication is configured, the system will suggest to save Recovery Codes:
Read more about what you need to do if you’d like to activate this option in this blog post.
Switch off Bitrix24 OTP for particular user:
After Bitrix24 administrator has already configured OTP option, he\she still can disable the OTP for particular employee(s). To do that open employee’s profile page, click "disable" two-step authentication under Security section:
You can choose the number of days the OTP will be disabled (it will be automatically switched on after). To switch off OTP completely for the employee - use "Always" option (you will be able to enable it manually for that user at any time later).
Set up for new telephone option is also available.
Application Passwords (Access to Mobile or Desktop app):
If users who activated two step authorization are also using any outside services that synchronize data with Bitrix24 accounts (mobile and desktop apps, MS Office, MS Outlook, Google Calendars, etc.), a special separate password needs to be generated for each app in order for synchronization to continue.
The Application Passwords page can be opened from your Profile page:
Select an application that you need a password for and click Get Password (e.g. desktop app):
Copy the password:
Now enter the copied password to the third party service you are using (e.g. desktop app password field) instead of the usual password. (Important: do not use your regular Bitrix24 account password).
For mobile and desktop applications the password is generated automatically when you first log in after entering the one time code. But you can also get a special password on the "Application passwords" page first and use it instead of the password in the mobile and desktop apps.
Wrong OTP Error
In case you have configured the OTP option correctly, but the password generated by the phone OTP app is not accepted – the problem may be connected with the Time Settings of your phone. Right now the OTP password has an activity time frame of 30 minutes, if your phone & your Bitrix24 time difference is more than 30 minutes – you won’t be able to log in. You should set the same time zone for your Bitrix24 account & your phone.
Cannot Access Bitrix24 Anymore
After you have enabled the two-step authentication in your Bitrix24 you won’t be able to log in without entering the one time password. But it happens that you may have lost your phone or forgot it, but need to access the account. There can be several solutions:
- Right after you have enabled the OTP option, you will see the possibility to get the Recovery Codes (My profile>Recovery Codes). You can print them or save to a text file.
The codes should be used instead of the one time passwords generated by phone app. We recommend to mark the codes that have been used as one code cannot be used twice. Please note you can always get more recovery codes in your profile if you have used all provided in the list.
- You can ask your account administrator to switch off the OTP option for you. If you are Bitrix24 administrator yourself you can ask other account admins (if any) to assist.
- Just in case you are the only Bitrix24 account administrator and have neither recovery codes left, nor the configured phone OTP app to generate new passwords, the only solution left is contact our Helpdesk (for paid plan subscribers only).