Skip to main content

Two-Factor Authentication (2FA) Guide

How to use two-factor Authentication with TetherX

Roman Gaufman avatar
Written by Roman Gaufman
Updated today

Two-Factor Authentication adds an extra layer of security to user accounts, requiring a second form of verification in addition to the password. Our system uses Time-based One-Time Passwords (TOTP) generated by an authenticator app (e.g. Google Authenticator, Authy, Microsoft Authenticator and others).

Enabling 2FA

For Your Own Account (All Users)

  1. Navigate to your user profile settings page.

  2. Locate the "Two factor authentication" setting.

  3. Select "Authenticator App" from the dropdown menu.

  4. You will be prompted to enter your current password for verification (if you have already saved your password to your browser, this may autofill).

  5. Click "Update User".

  6. You will be redirected to the 2FA setup page.

  7. Scan the provided QR code with your authenticator app or manually enter the setup key.

  8. Enter the 6-digit code generated by your authenticator app into the verification field and submit.

  9. Once verified, 2FA will be active for your account.

For Another User's Account (Admins, Integrators, Staff Only)

Privileged users (Admins, Integrators, Staff) can enable 2FA for other users:

  1. Navigate to the target user's profile settings page.

  2. Locate the "Two factor authentication" setting.

  3. Select "Authenticator App" from the dropdown menu.

  4. Click "Update User".

  5. Important: The target user will be immediately logged out of all active sessions.

  6. On their next login attempt, they will be required to complete the 2FA setup process (scan QR code, verify token) before they can access their account.

Disabling 2FA

For Your Own Account

  • Regular Users: Once 2FA is enabled, regular users cannot disable it themselves for security reasons.

  • Admins, Integrators, Staff: Privileged users can disable 2FA for their own accounts:

    1. Navigate to your user profile settings page.

    2. Select "None" from the "Two factor authentication" dropdown.

    3. Enter your current password for verification (if you have already saved your password to your browser, this may autofill).

    4. Click "Update User". 2FA will be disabled.

For Another User's Account (Admins, Integrators, Staff Only)

Privileged users can disable 2FA for other users:

  1. Navigate to the target user's profile settings page.

  2. Select "None" from the "Two factor authentication" dropdown.

  3. Click "Update User". 2FA will be disabled for that user immediately. No password is required for this action.

Key Security Points

  • Forced Setup: Enabling 2FA for a user (by themselves or an admin) forces them through the setup process on their next login.

  • User Disablement Restriction: Regular users cannot disable 2FA once it's active.

  • Admin Disablement Power: Admins, Integrators, and Staff have the ability to disable 2FA for any user, including themselves (though disabling for themselves requires their current password).

Did this answer your question?