Two-factor Authentication Recovery

Backup codes are generated for users when they enable two-factor authentication. Users are encouraged to put them in a secure place that is backed up, such as a secure password manager, when going through the setup process. They're also instructed to click a button indicating, "I've saved the backup codes." 

If a user has lost their token they can simply enter one of the one-time-user backup codes when prompted and proceed to reset their two-factor authentication themselves. The user will need to follow the Resetting Two-factor Authentication instructions. 

It happens to the best of us. A user gets a new phone, didn't have a backup, and their two-factor authentication token is gone and they cannot login to dozens of services. If only they had saved their backup codes, right? 

To combat this administrators of a Huntress account can send a recovery link to a user in need. The administrator simply needs to log in, click the three-lines menu in the upper-right corner of the Huntress portal and select the "Users" option.

Find the locked out user in the list and click the life ring icon under the "2FA" column of the user list.

This will bring up a box confirming the action. Click "Email Recovery Link" and the user will receive instructions on how to reset their two-factor authentication.

WARNING: If you have lost your two-factor token AND the backup codes for the ONLY admin in your organization you will need to open a support ticket with Huntress and verify your identity to regain access to your account. This can cause delays when accessing your account and we highly encourage you to store your backup codes in a suitable secure location. 

Did this answer your question? Thanks for the feedback There was a problem submitting your feedback. Please try again later.

Still need help? Contact Us Contact Us