top_en
Main page

Bitrix24Care

OTP (one time password)

Rating:

What Is Bitrix24 OTP & How To Configure 

Bitrix24 OTP (one time password) option protects you from instances when your login and password are stolen, either by spyware or a rogue employee. First, you log in with your regular login and password, then you receive your second password via mobile phone app, enter it – only then you are able to access your account.

To enable 2 step authorization, go to your Profile > Security section:

Follow the instructions provided at Extra Security Options page:

After 2 step authentication is configured, the system will suggest to save Recovery Codes:

Important: we highly recommend you to save Recovery Codes which can be used instead of the one time passwords generated by phone app, since in case something happens with your phone you may loose access to your Bitrix24 completely.

 Read more about what you need to do if you’d like to activate this option in this blog post.

Switch off Bitrix24 OTP for particular user:

After Bitrix24 administrator has already configured OTP option, he\she still can disable the OTP for particular employee(s). To do that open employee’s profile page, click "disable" two-step authentication under Security section:

You can choose the number of days the OTP will be disabled (it will be automatically switched on after). To switch off OTP completely for the employee  - use "Always" option (you will be able to enable it manually for that user at any time later).

Set up for new telephone option is also available.

Application Passwords (Access to Mobile or Desktop app):

If users who activated two step authorization are also using any outside services that synchronize data with Bitrix24 accounts (mobile and desktop apps, MS Office, MS Outlook, Google Calendars, etc.), a special separate password needs to be generated for each app in order for synchronization to continue.

The Application Passwords page can be opened from your Profile page: 

Select an application that you need a password for and click Get Password (e.g. desktop app):

Copy the password:

Now enter the copied password to the third party service you are using (e.g. desktop app password field) instead of the usual password. (Important: do not use your regular Bitrix24 account password).

For mobile and desktop applications the password is generated automatically when you first log in after entering the one time code. But you can also get a special password on the "Application passwords" page first and use it instead of the password in the mobile and desktop apps.

Wrong OTP Error

In case you have configured the OTP option correctly, but the password generated by the phone OTP app is not accepted – the problem may be connected with the Time Settings of your phone. Right now the OTP password has an activity time frame of 30 minutes, if your phone & your Bitrix24 time difference is more than 30 minutes – you won’t be able to log in. You should set the same time zone for your Bitrix24 account & your phone.

Please note that in case your account has another administrator – he\she can always switch off the OTP option for you in your profile page.

Cannot Access Bitrix24 Anymore

After you have enabled the two-step authentication in your Bitrix24 you won’t be able to log in without entering the one time password. But it happens that you may have lost your phone or forgot it, but need to access the account. There can be several solutions:

  • Right after you have enabled the OTP option, you will see the possibility to get the Recovery Codes (My profile>Recovery Codes). You can print them or save to a text file.
    The codes should be used instead of the one time passwords generated by phone app. We recommend to mark the codes that have been used as one code cannot be used twice. Please note you can always get more recovery codes in your profile if you have used all provided in the list.
  • You can ask your account administrator to switch off the OTP option for you. If you are Bitrix24 administrator yourself you can ask other account admins (if any) to assist.
  • Just in case you are the only Bitrix24 account administrator and have neither recovery codes left, nor the configured phone OTP app to generate new passwords, the only solution left is contact our Helpdesk (for paid plan subscribers only).
This helped Thanks :) This didn't help Sorry :(
Could you please tell us why:
It's not what I'm looking for
It's too complicated

Did not find an answer to your question?

Send your question to the Bitrix24Care team
Access to technical support specialists requires commercial plan subscription and is not available to free account users. Free accounts are limited to self-support resources such as product manuals, helpdesk articles, video tutorials, and free webinars. Technical assistance, training, setup, customization and other value added services can also be purchased directly from local Bitrix24 partners