2FA

Your account security can be improved with the help of 2FA (two-factor-authentication). You do this by adding an additional factor of proving your identity aside from your password. Even if your password gets into the wrong hands, now unauthorized persons cannot access your acccount.

Additionally to the passwort, you must also enter a short-lived one-time-password when logging in, which is created by so-called authenticator apps. Well-known apps for two-factor-authentication are for example Google Authenticator (available for iOS/Android) and Microsoft Authenticator (available for iOS/Android).

Two-factor-authentication is only supported for local user accounts. If you login via Active Directory or Entra ID, you are offered authentication factors by these identity providers.

1. Click on "Enable 2FA" on the profile page
2. Follow instructions on that page
3. Enter second factor during login

The two-factor-authentication can be deactivated again by the user on the profile page.

If a user no longer has access to their authentication app (e.g., because they have lost their smartphone), an administrator can navigate to "Administration → Users" and deactivate the two-factor-authentication for that user so they can log into HITGuard again.