Two-Factor Authentication

Two-Factor Authentication (2FA) is an industry standard for multi-layered authentication. It requires two separate methods of verifying your identity by requesting something you know (ID and password) and something you have (an authenticator app on your phone). This provides an additional layer of security and ensures that no one else has access your Workato account.

How it works

Upon logging in with your ID and password, Workato will request authentication through an authenticator app.

Workato requesting two-factor authentication Workato requesting two-factor authentication

A unique verification code is generated for you whenever you login to your Workato account. It is a temporary 6-digit code that lets us know it is indeed you. Afterwards, the code will expire and cannot be reused.

Workato allows authentication through mobile applications and hardware security keys. Some of the common ones are:

Setup two-factor authentication

Let's go through the activation for two-factor authentication. You will need to be logged in to your Workato account and have your authenticator app ready. In this example, we will be using Symantec VIP.

Step Description
1 Open Account Setting.


Profile dropdown
2 Select Two-factor authentication > Setup two-factor authentication


Two-factor authentication disabled
3 Using Symantec VIP, scan the QR code.


Two-factor authentication setup
4 Copy the 6-digit verification code from Symantec VIP to the Workato setup.


Symantec VIP unique verification code

The Workato label and profile name lets you know that the connection between Symantec VIP and Workato platform is functioning properly.


Confirming authenticator app with Workato account
5 Save or download a copy of the recovery codes.


Recovery codes

Remember to store your recovery codes in a secure location. They are single-use codes to authenticate your login, in the event where you do not have your authenticator app with you.
6 Done! You have completed the one-time setup of your Workato two-factor authentication.


Two-factor authentication enabled

Disable two-factor authentication

In certain situations, you would have to disable your two-factor authentication. For example, in the event of a stolen device or switching to a new work device.

Step Description
1 Open Account Setting.


Profile dropdown
2 Select Two-factor authentication > Disable two-factor authentication


Two-factor authentication

This will remove the all trusted devices that were logged in with the authenticator app.

Recovery codes

Recovery codes are alphanumeric strings that are uniquely tied to your Workato account. You can use the recovery code to verify your identity in place of the 6-digit verification code. Every recovery code can be use only once.

Using recovery code Using recovery code

A list of 10 recovery codes are auto-generated at the two-factor authentication setup. You should store them in a secure location, preferably not in the same location as your authenticator app (i.e. not on your phone).

Lost authentication device

If you deleted your app, changed or lost your device (or security key), you can still access your Workato account. You can use a recovery code to perform two-factor authentication.

Upon logging in, you are advised to reset your two-factor authentication settings. By changing the two-factor authentication setting, you are preventing unwanted access to your account thru a stolen device. This also resets two-factor authentication to your new device.

First, disable two-factor authentication. Next, setup two-factor authentication with your new device.

Lost recovery codes

If you have not stored your recovery codes or have accidentally deleted them, you can retrieve them from your two-factor authentication setup.

To view your recovery codes, go to Account settings > Two-factor authentication > View recovery codes.

You are advised to store them in a secure but accessible location.

Generate new recovery codes

If you realised that you have misplaced your recovery codes, we advise that you generate a new set. Remember that other people can use the recovery codes to access to your Workato account!

You can also generate new recovery codes if they are depleting. Using the single-use recovery codes for two-factor authentication will reduce the total number of available codes. Generating a new set of recovery codes will ensure that you never get locked out of your Workato account.

Select Account settings > Two-factor authentication > View recovery codes > Regenerate recovery codes

Generate new recovery codes Generate new recovery codes

Trusted devices

You can temporarily disable two-factor authentication for trusted devices, like a secured work laptop. This allows the device to login without authentication for 30 days.

Select trust this device during the two-factor authentication process.

Trust this device for 30 days Trust this device for 30 days

results matching ""

    No results matching ""