How to connect two-step authentication
It is also recommended that you do not change the main time on your phone, i.e., use only manual or automatic time zone changes when moving to other locations.
Go to the profile page and click on the Security button.
In the Security section, click Connect.
Set up two-step authentication according to the following instruction:
- Download the Bitrix24 OTP application, which is used to generate one-time passwords.
- Run application and and click on the icon to add a new account.
- Scan QR code or enter the code manually. Also enter the verification code from the app or from the list in the manual instructions.
Done! Now, when logging in, in addition to your username and password, you will need to enter a one-time code, which you will be given in the application. You can also use backup codes.
After two-step authentication connection, you can use backup codes to enter one of them instead of a one-time code. Each code can only be used once.
Recovery codes may be needed if you don't have access to your smartphone. Since two-step authentication is linked to a specific mobile device, you will have to connect it again. Save them just in case. To do this, you can Print them or Save to text file.
Mandatory two-step authentication
For security reasons, we recommend you to enable the Make two-step authentication mandatory for all users option in the account Settings, that can be found in the left menu. In this case, only the administrator can disable the OTP. If the option is disabled, any employee can simply disable it.
Also specify the period of time for employees to connect two-step authentication.
Two-step authentication in Bitrix24 On-Premise version
In the Bitrix24 On-Premise version, two types of two-step authentication are available: with the Time-based One-Time Password Algorithm (TOTP) and HMAC-Based One-Time Password Algorithm (HOTP). You can connect two-step authentication via mobile phone applications, as well as via special electronic devices, for example, eToken.
First you need to enable two-step authentication in the administrative interface in the Proactive protection → Two-step authentication section and make the necessary settings in the Settings tab: set the default password generation algorithm - by time (TOTP) or by count (HOTP):
Then you can choose connection via the public part in My Bitrix24 page.
You can also connect two-step authentication in the administrative interface. Go to the user profile and select the desired option in the Two-step authentication tab.
In the administrative interface in the user profile, you can select any option to connect two-step authorization. In the public part in My Page, you can connect only in the way that is selected by default in the settings of the Proactive protection module.