# Two-Factor Authentication

SUMMARY

  • Workato uses Two-Factor Authentication (2FA) for enhanced security, requiring both ID/password and a code from an authenticator app.
  • To enable 2FA, go to Settings > Two-factor authentication > Set up two-factor authentication. Scan the QR code with your authenticator app, then enter the 6-digit verification code from the app.
  • 2FA can be temporarily or permanently disabled in specific situations, with recovery codes serving as an alternative access method.

Two-Factor Authentication (2FA) is an industry standard for multi-layered authentication. It requires two separate methods of verifying your identity by requesting something you know (ID and password) and something you have (an authenticator app on your phone). This provides an additional layer of security and ensures that no one else has access your Workato account.

# How it works

Set up 2 Factor Authentication (2FA) in 2 minutes

There are multiple situations in which you may be prompted to authenticate your Workato credentials through an authenticator app, including:

  • When you log in to a workspace that requires two-factor authentication with your email and password.

  • When you switch from a workspace that does not require two-factor authentication to a workspace that does require two-factor authentication.

Workato requesting two-factor authentication Workato requesting two-factor authentication

A unique verification code is generated for you whenever you login to your Workato account. It is a temporary 6-digit code that lets us know it is indeed you. Afterwards, the code will expire and cannot be reused.

# Choose an authenticator app

Workato allows authentication through mobile applications. Some common ones are:

# Setup two-factor authentication

Let's go through the activation for two-factor authentication. You will need to be logged in to your Workato account and have your authenticator app (opens new window) ready. In this example, we will be using Google Authenticator.

1

Open Account Settings. Profile dropdownProfile dropdown

2

Select Two-factor authentication > Setup two-factor authentication. Enable 2FATwo-factor authentication disabled

3

If prompted to verify your password, input your password and click verify password. Learn more. Verify passwordVerify your password

4

Using Google authenticator, scan the QR code. Otherwise, you can register with the code provided.

2FA setupTwo-factor authentication setup

5

Copy the 6-digit verification code from Google authenticator.

The Workato label and profile name lets you know that the connection between Google authenticator and the Workato platform is functioning properly.

Verification codeGoogle authenticator unique verification code

6

Paste the verification code into Workato.

Confirm appConfirming authenticator app with Workato account

7

Save or download a copy of the recovery codes.

Recovery codesRecovery codes

Remember to store them in a secure location. Find out more about recovery codes.

8

Done! You have completed the one-time setup of your Workato two-factor authentication.

DoneTwo-factor authentication enabled

# Disable two-factor authentication

In certain situations, you would have to disable your two-factor authentication. For example, in the event of a stolen device or switching to a new work device.

1

Open Account Settings.

Profile dropdownProfile dropdown

2

Select Two-factor authentication > Disable two-factor authentication. 2FATwo-factor authentication

TRUSTED DEVICES

Disabling two-factor authentication removes all trusted devices that were logged in with the authenticator app.

3

If prompted to verify your password, input your password and click verify password. Learn more

Verify passwordVerify your password

4

Click Disable 2FA.

Disable 2FADisable two-factor authentication

# Recovery codes

Recovery codes are alphanumeric strings that are uniquely tied to your Workato account. You can use the recovery code to verify your identity in place of the 6-digit verification code. Each recovery code can be used only once.

Using recovery code Using recovery code

A list of 12 recovery codes are auto-generated at the two-factor authentication setup. You should store them in a secure location, preferably not in the same location as your authenticator app (i.e. not on your phone).

# Lost authentication device

If you deleted your app, changed, or lost your device (or security key), you can still access your Workato account. You can use a recovery code to perform two-factor authentication.

Upon logging in, you are advised to reset your two-factor authentication settings. By changing the two-factor authentication setting, you are preventing unwanted access to your account thru a stolen device. This also reconfigures two-factor authentication to your new device.

First, disable two-factor authentication. Next, setup two-factor authentication with your new device.

# Lost recovery codes

If you have not stored your recovery codes or have accidentally deleted them, you can retrieve them from your two-factor authentication setup.

To view your recovery codes, go to Account settings > Two-factor authentication > View recovery codes.

View recovery codes View recovery codes

You are advised to store them in a secure but accessible location.

# Generate new recovery codes

If you realized that you have misplaced your recovery codes, we advise that you generate a new set. Remember that other people can use the recovery codes to access to your Workato account!

You can also generate new recovery codes if they are depleting. Using the single-use recovery codes for two-factor authentication will reduce the total number of available codes. Generating a new set of recovery codes will ensure that you never get locked out of your Workato account.

Select Account settings > Two-factor authentication > View recovery codes > Regenerate recovery codes

Generate new recovery codes Generate new recovery codes

# Trusted devices

You can temporarily disable two-factor authentication for trusted devices, like a secured work laptop. This allows the device to login without two-factor authentication for 30 days.

Select trust this device during the two-factor authentication process.

Trust this device for 30 days Trust this device for 30 days

Your trusted devices will appear on the two-factor authentication setting's page. You can revoke access to devices you do not recognize or to devices that are no longer in use.

Trusted devices Trusted devices

# Why verify password

When initiating changes in your account security settings, Workato will ask you for your password as an additional layer of authentication. This applies when making changes to your two-factor authentication configuration, which includes enabling two-factor authentication and viewing recovery codes.

After you have verified your password, we will not ask you to verify it again during the next 15 minutes.

Verify password Verify password

NEED A PASSWORD?

If you signed up for Workato using SSO, or if your workspace is switching authentication methods from SAML SSO to 2FA and you do not have a password to verify your Workato account, you must reset your password using your email by clicking the Forgot password link on the sign-in page.


Last updated: 11/27/2023, 9:51:04 PM