About Two-Factor Authentication
Two-factor authentication adds an extra layer of security for logging into websites. Using a user name and password to log into a website is susceptible to security threats, because it only requires a single piece of information a malicious person needs to acquire. The added security that two-factor authentication provides requires an additional piece of information generated by a second factor.
In myCloud's case, this additional information is a verification code generated by an authentication app on your phone or tablet (often referred to as your mobile device). The app generates a new time-based verification code (TOTP) every 30 seconds.
After two-factor authentication is enabled for your user account, myCloud will require this verification code when someone attempts to sign into your myCloud account. The only way someone can sign into your account is if they know both your password and have access to the authentication app on your mobile device.
A verification code can only be used once, and is only available and valid for 30 seconds.
Authenticator apps
The verification code is generated by an Authenticator App on your mobile device. WiseMo recommends and tests compatibility with Google Authenticator and Microsoft Authenticator for Android and iOS but other authenticator apps or hardware devices supporting the TOTP specification (RFC6238) might work.
To install the authenticator app on your phone or tablet, open App Store on iOS or Play Store on Android. Search for “Google Authenticator” or “Microsoft Authenticator”.
Alternatively use the following links.
Android (phones and tablets):
iOS (iPhone/iPad):
How to enable two-factor authentication
First time you log into myCloud your account will not be protected by two-factor authentication. To configure two-factor authentication, log in to myCloud, go to "Settings | My Profile" page and scroll down to the “Two-factor authentication” section:
Click the “Set up two-factor authentication” button and follow the instructions.
It is important that you save the recovery code because if you lose access to the mobile device with the authenticator app, you cannot login. When you have saved the recovery code in a safe place, click the “I have my recovery code saved” button.
A so called QR code (or bar code) will now be displayed:
and as an alternative, the secrete key is also shown. The secret key is what links the user account and the Authenticator App together. The easiest way to transfer the secret key to the Authenticator App is to scan the QR code. The method is a bit different between the two apps.
Configure Google Authenticator
Click the ‘+’ in the toolbar on iOS:
On Android, click the red button with a ‘+’ in the bottom of the screen:
Select “Scan barcode” in the menu:
Hold up the mobile device so the camera catches the QR image (the barcode). Move the mobile device a bit back and forth until the app succeeds reading the QR image.
The app will automatically go back to the main screen and is now configured.
The app shows some information that will help you identify the verification code (in blue) to use, which is especially helpful when you have multiple codes.
By the title in bold you can determine it is a verification code for WiseMo. Below the 6-digit code, you can see that this is for myCloud and the name of the myCloud user account (the layout is a bit different on Android).
Configure Microsoft Authenticator
Click the ‘+’ in the toolbar on iOS:
On Android, the click the blue button with a ‘+’ on the screen (if this is your first account):
or click the menu button in the toolbar followed by “Add account” in the menu:
Select “Work or school account” in the menu:
Hold up the phone so the camera catches the QR image (the barcode). Move the phone a bit back and forth until the app succeeds reading the QR image.
The app will automatically go back to the main screen and is now configured.
The app shows some information that will help you identify the verification code (the numbers).
By the title in bold you can determine it is a verification code for WiseMo. Below the title, you can see that this is for myCloud and the name of the myCloud user account (the layout is a bit different on Android).
When the Google or Microsoft Authenticator App is configured, the configuration is verified by entering the verification code shown by your app.
If correct, two-factor authentication is successfully configured.
Tip: If you want to configure multiple devices to generate the same verification code for access to your myCloud account, then scan the QR code from each device, and first then press the Activate button. It is not possible after activation to recover the QR code again. You can always re-configure two-factor authentication for your device(s).
How to login with two-factor authentication
Now that your myCloud user account is set up for two-factor authentication you must enter the verification code shown by the authenticator app along with your user credentials:
If everything is correct, you are logged in.
Troubleshooting
If you have problems logging on:
- Verify that the login credentials (user name and password) are correct.
- Verify that you are entering the verification code for myCloud and for the right user.
- Verify that the time is set correctly on the Authenticator App device. Two-factor authentication (TOTP) works between time zones but the time needs to be correct within approximately 30s.
- The verification code is a one-time code. So if you for example need to login twice, you will have to wait for the authenticator app to show a new code the second time.
-
If you lose access to the Authenticator App your only options are:
- Restore the Authenticator App configuration on another device from a backup.
- Use the recovery code to disable two-factor authentication, log-in and re-configure two-factor authentication.
- Another myCloud user in your domain with administrative privileges can delete your account and create a new one for you.