Multi-factor authentication (MFA) is used to further secure your access to Red Canary. When enabled, we require a time-based one-time password (TOTP) code after you enter your username and password.
Multi-factor authentication codes can be generated by any standards-compliant multi-factor application, including:
- Google Authenticator
- Duo Mobile
- Microsoft Authenticator
- Authy
Codes can also be delivered via text message to the phone number set in your profile.
Setting up a new multi-factor authentication device
You can set up a new multi-factor authentication device to secure your logins to Red Canary.
If you are able to log in:
- Click your user avatar at top right > View profile.
- Under the Two Factor Authentication section, check Required.
- Verify current password by entering your current password and click Save changes.
- On the Now, let’s lock it down... page, download any of the listed multi-factor authentication applications to your mobile device.
- Scan the QR code using your multi-factor authentication app.
- Enter the verification code generated by your app.
- Click Verify.
If you are not able to log in, and single sign-on is not enabled:
You can register a new device by resetting your password if you do not have access to the device currently used to receive TOTP codes:
- Visit the Red Canary login page and click Forgot?.
- Enter your email address and click Send me reset instructions.
- Follow the instructions in the Password Reset email.
- Once logged in, follow the instructions above, under the If you are able to log in section.
If you are not able to log in, and single sign-on is enabled:
Any user with the Admin role can temporarily disable the multi-factor requirement for your account:
- Click Administration > Users & Roles in the site navigation.
- Click the ... icon next to the desired user.
- Click Disable MFA.