Setting Up 2FA (Two Factor Authentication)

Updated
  • Updated on Jun 24, 2025
  • Published on Oct 4, 2022
  • 1 minute(s) read
Prev Next

Overview 

2FA (Two-Factor Authentication) is an extra security method used to increase the number of requisites to log in to an Account. This method requires the user to respond to a security question, provide an emailed passcode, etc.

Important Considerations

The 2FA email is sent from the Default Email Address defined in Portal Settings. By default, this email address is set to admin@decisions.com.

To ensure the proper functioning of 2FA email notifications, it is essential to update the Default Email Address. For more information, refer to Email and SMTP in Decisions.

Also note that 2FA will not work when the Decisions login is set up with Single Sign-On (SSO).
2FA is only meant for use with the login process. It cannot be called from a Flow via API.

Configuration

  1. Navigate to System > Settings, right-click Portal Settings and select Edit
  2. From the Edit Portal Settings window, scroll down to log in and check the Enable Two-Factor Authentication box. 
  3. Under Two-Factor Authentication Token Type, select the desired option, Numeric Only or Alphanumeric.
  4. Under Two-Factor Authentication Token Length, dictate the desired length (number of characters) for the Token. 
  5. Under Two-Factor Authentication Token Timeout, provide the desired number of Minutes for the Token's expiration.
  6. For v9.12 and above there is a setting Two-Factor Authentication Required Password. This will require the user to enter their password after entering their token on the authentication page.
  7. If desired, select an option under the Two-Factor Authentication Token Email Template
  8. Click SAVE to save changes and exit the Portal Settings. 


  9. Navigate to System > Security > Accounts; locate the desired Account, right-click it, and then select Edit Account. In v9.12 and above, newly created accounts do not need to have this applied to them.
  10. Under the Edit Entity screen, check Enable Two-Factor Authentication under the SECURITY category. Then, click SAVE. 

  11. Attempt to log into the Account, navigate to the Account's Email inbox, and copy the received authentication token. Then, navigate back to the Login screen. 
  12. SUBMIT the copied AUTHENTICATION TOKEN. If the token has expired, the user will get a prompt instructing them to login again. This will cause an email to be sent with a new token.


Feature Changes

DescriptionVersionRelease DateDeveloper Task
Various updates. See the release notes for more.9.12June 2025[DT-044756]


Related articles