If one of your staff members has lost their 2FA login secret for Zistemo and needs to recover it, you may need to change the password as part of the recovery process.
Tip: Always securely save your 2FA secrets and backup codes in a safe location to ensure you can regain access if needed.
No need to panic! Recovering your 2FA login secret is a fairly straightforward process.
Understanding the Recovery Process
Losing access to your device or account can be stressful, but understanding the recovery process for two-factor authentication (2FA) is key to regaining access quickly and securely. When 2FA is enabled, it adds an extra layer of security to your account, helping to protect your identity and sensitive information from unauthorized access.
If you find yourself locked out, there are several options to recover your account. Most systems, including Zistemo, offer backup methods such as a QR code, a list of backup codes, or even SMS messages to verify your identity. For example, the Google Authenticator app allows users to generate and save backup codes during the initial setup. These codes can be used as a second factor to authenticate your identity if your primary device is lost or unavailable.
It’s important to note that while SMS messages can be used as a recovery method, they may not be as secure as authenticator apps or passkeys. For maximum security, always save your recovery codes in a secure location, such as a password manager or a locked safe. This ensures that you can access your account from a new device if needed, and configure two-factor authentication again to maintain your account’s security.
During the recovery process, you may be required to verify your identity with an additional factor, such as your password or a biometric identifier, to confirm that you are the rightful account owner. Always follow the correct steps and procedures provided by your system or administrator to avoid any security risks or complications.
By understanding your options and taking the right precautions, you can ensure that your accounts remain secure, even if you lose access to your device. Remember to review your 2FA setup regularly, save your backup codes, and stay informed about the best practices for authentication and account recovery. This proactive approach helps protect your identity and keeps your information safe.
What the account owner has to do
As an account owner, the first step is to open the staff member’s profile page. You may need to log in and be signed in to your account to access this page. Go to Contacts -> Staff and then select the staff member by their username.
Once there, you may need to click on certain buttons or links to reveal the lost secret code and the QR code at the bottom of the page. There may also be an option to download the secret or codes, or to edit the staff profile details if needed.
You can choose to copy the secret and QR code, and either email them to the staff member or use another preferred method. The staff member will then enter the secret or scan the QR code in the Google Authenticator app, associating the code with their username to create a new login.
Avoid security leaks with the sent QR code
After the staff member has successfully logged in, it is important that he changes the secret/QR code to prevent possible phishing attempts. He may need to click on the “User Menu”, which he can find at the top left with the user avatar icon, and select “My profile”. Depending on the system, he may be required to sign in again or be signed in to access this section. If there are multiple ways to change the code, he can choose the preferred option. In some cases, editing the authentication code or profile details is possible, and accessing this area may require a screen lock, PIN, or pattern for additional security.
Create a new secret code
You will find the secret code and QR code in the “Two-factor authentication” section. You may need to sign in or be signed in to access this section. If prompted, log in with your credentials.
Remove the current login in the Google Authenticator app. If you need to update details, you can edit or delete the existing code.
To create a new secret code, click on “Change secret” and confirm the change. You will have the option to download the new secret or QR code. When adding the new login in the Google Authenticator app, choose your preferred method: scan the QR code or enter the secret code manually.
Make sure your new secret code works
Don’t forget to check that the new code is working by verifying successful authentication. You may need to sign in or be signed in to your account, log in to the system, and click the appropriate button to complete the process. If there are multiple options to validate, choose your preferred method.
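The check described above can also be reasoned about offline. The following is an added example, not Zistemo code: it assumes the standard Google Authenticator parameters (RFC 6238 TOTP, HMAC-SHA1, 6 digits, 30-second step), uses constructed sample secrets, and shows that once the secret is changed, a code generated from the emailed secret no longer verifies.

```python
import base64
import hashlib
import hmac
import struct
import time

STEP, DIGITS = 30, 6  # assumed: Google Authenticator defaults (RFC 6238)

# Constructed sample secrets, not real Zistemo values.
OLD_SECRET = "GEZDGNBVGY3TQOJQGEZDGNBVGY3TQOJQ"  # the secret that was emailed
NEW_SECRET = "JBSWY3DPEHPK3PXP"                  # the secret after "Change secret"

def _hotp(secret_b32, counter):
    """RFC 4226 HOTP value for one counter, as a zero-padded string."""
    s = secret_b32.replace(" ", "").upper()
    key = base64.b32decode(s + "=" * (-len(s) % 8))  # restore stripped padding
    digest = hmac.new(key, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = digest[-1] & 0x0F                       # dynamic truncation
    value = struct.unpack(">I", digest[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** DIGITS).zfill(DIGITS)

def totp(secret_b32, at):
    """Code an authenticator app would display at Unix time `at`."""
    return _hotp(secret_b32, int(at) // STEP)

def verify(secret_b32, code, at, window=1):
    """Accept the current step and +/- `window` steps to tolerate clock drift."""
    counter = int(at) // STEP
    ok = False
    for c in range(max(0, counter - window), counter + window + 1):
        # Constant-time compare; no early exit, so timing does not reveal a match.
        ok |= hmac.compare_digest(_hotp(secret_b32, c), code)
    return ok

def rotation_ok(old_secret, new_secret, at):
    """True if the new secret verifies and a code from the old one is rejected."""
    leaked_code = totp(old_secret, at)
    fresh_code = totp(new_secret, at)
    return verify(new_secret, fresh_code, at) and not verify(new_secret, leaked_code, at)

if __name__ == "__main__":
    now = time.time()
    print("code from emailed secret:", totp(OLD_SECRET, now))
    print("code from new secret:    ", totp(NEW_SECRET, now))
    print("emailed secret is dead after rotation:", rotation_ok(OLD_SECRET, NEW_SECRET, now))
```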
With these simple steps, you and your staff member will be able to recover the lost 2FA login secret code quickly and safely.
Enjoy Zistemo!