Data protection & Anonymity
      Back to home
      1. Support-Center
      2. Data protection & Anonymity

      How to Set Up Two-Factor Authentication (2FA)

      Two-Factor Authentication (2FA) increases the security of user accounts by requiring verification from a second device (e.g., a smartphone).

      Which Methods of 2FA Are Supported?

      Two methods are supported for Two-Factor Authentication:

      1. Time-Based One-Time Passwords (TOTP) with Authenticator Apps or Browser Extensions, and
      2. Security Keys (e.g., YubiKey or devices with Touch ID, Windows Hello).

      You can add or change methods in your user settings. If your organization requires authentication with a second factor, you have to set up a second factor before you can continue.

      If you lose your second factor, contact your admin to reset it.

      Authentication with Authenticator Apps

      You can use an Authenticator App (e.g., Authy, Google Authenticator or Microsoft Authenticator) or a Browser Extension (e.g., 1Password) as a second factor. Here's how this method works:

      1. Install an Authenticator App (e.g., Authy, Google Authenticator or Microsoft Authenticator) on your mobile device or use a Browser Extension (e.g., 1Password).
      2. Scan the displayed QR code with your installed Authenticator App, or manually enter the setup key shown.
      3. Your Authenticator App or Browser Extension will then generate an entry for teamecho and display a 6-digit code. Enter this code to verify the setup.
      4. Click "Save" to complete the configuration.

      Authentication with Security Keys

      Another option is to use Security Keys, such as a YubiKey or a device with Touch ID or Windows Hello. Here's how this method works:

      1. Assign a name to your Security Key to make it easier to identify later.
      2. Click "Add" to start the setup. Your browser will guide you through setting up your desired Security Key.

      2FA Settings in teamecho

      For users to enable Two-Factor Authentication, this feature has to be activated by an admin in the organizational configuration in the section "Security". There are four possible settings:

      1. No 2FA: 2FA is disabled for all users.
      2. 2FA optional for all users: Users can enable 2FA, but it is not required.
      3. 2FA mandatory for admins and optional for other users: Admins must enable 2FA, but it is optional for other users.
      4. 2FA mandatory for all users: All users must enable 2FA. This option is not recommended, as it may impact response rates since additional barriers (such as the loss of a second factor) can make access more difficult.

      How Do I Reset a User’s Second Factor as an Admin?

      As an admin, you can reset the second factor for all users (except your own) on the "Edit User" page in the user management.

      If a user repeatedly enters an incorrect second factor, their access will be temporarily blocked for security reasons. In this case, administrators can reset the second factor in the user management, which lifts the block. The user can then set a new second factor during their next login.

      If you have further questions or issues, please feel free to contact our support team!