To further secure your Pulseway account, you can enable two-factor authentication (2FA), which adds an extra verification step before performing certain operations.
To enable 2FA or upgrade from the older email-based method, log in to the WebApp and navigate to the Account section from the menu, then click on the 2FA option. For security reasons, you will be asked to re-enter your Pulseway password before accessing the configuration screen.
There are two main options available: Trusted Mobile Devices and One-Time Passcode.
You must configure at least one of these to enable 2FA on your account. For better security, it is recommended to configure both.
Once set up, you will receive a set of backup codes. These can be used if you are unable to authenticate using a trusted device or generate a one-time passcode. Please note that each backup code can only be used once.
1.Trusted Mobile Devices
A Trusted Mobile Device is a mobile device with the Pulseway app installed on it that is registered on your account.
Click “Add Device” to select the devices you want to approve 2FA requests. Once 2FA is enabled, any newly added device is applied immediately without needing to save changes.
If you need to replace a trusted mobile device and do not have One-Time Passcode configured, first add the new device, then remove the old one.
With Trusted Mobile Devices, a push notification will be sent to your selected devices to approve or decline the request. The notification will also display the approximate location of the request and the feature being accessed.
2.One-Time Passcode
Also known as TOTP (Time-based One-Time Passcode) is an algorithm that was adopted as a standard for two factor authentication systems by the IETF (Internet Engineering Task Force). It works by sharing a secret key with an implementing application used to generate codes based on the current date and time. You can use Google Authenticator, Microsoft Authenticator, Authy, 1Password or any other application that supports the TOTP algorithm.
Backup Codes
In addition to the Trusted Mobile Devices and One-Time Passcode you will also receive a set of backup codes that you can use to bypass 2FA prompts. These codes will only work once, and the last backup code can only be used to login to the WebApp. Once all backup codes are used you will be presented with another set of codes which you should store securely.
Reduce Remote Control 2FA prompts
After 2FA is enabled, you will be presented with a 2FA request for each remote-control setting. You can stop this, so 2FA is only required at the first login to the remote-control app, by checking "Reduce Remote Control 2FA prompts" in the Configuration >Settings> Security>Two Factor Authentication menu, as shown below.
Enforce 2FA for All User Accounts
Requires all user accounts to set up two-factor authentication during their next WebApp login. Can be seen under Configuration >Settings> Security>Two Factor Authentication menu, as shown below.
For extra convenience, users who have the iOS mobile application and an Apple Watch can now approve or decline their 2FA logon requests directly from their Apple Watch.