Managing 2-Step Verification

2-Step Verification is an authentication method that requires you to use more than one way of verifying your identity, providing a second layer of security to your account.

When you sign in to an identity domain, you’re prompted for your user name and password, which is the first factor. You then might be required to provide a second type of verification. Providing a second type of verification is called 2-Step Verification. The two factors work together to add an additional layer of security by using either additional information or a second device to verify your identity and complete the sign-in process.

Set up 2–Step Verification for your account either during 2–Step Verification enrollment or using the 2–Step Verification page from the self-service console. Also, use the 2–Step Verification page to perform tasks such as enabling and disabling 2–Step Verification, setting up authentication methods, trusting a device, and generating bypass codes.

Enrolling in 2–Step Verification During 2–Step Verification Enrollment

Use the following tasks in the table as guide when enrolling in 2–Step Verification during 2–Step Verification enrollment.
Task Description Additional Information

Enroll in 2–Step Verification for Your Account

Learn how to enroll in 2–Step Verification during 2–Step Verification enrollment and the authentication methods available to you.

Setting Up 2–Step Verification During Enrollment

Add Backup Verification Methods

Learn how to add backup verification methods for your account when you enroll in 2–Step Verification.

Adding Backup Verification Methods

Trust a Device

Learn how to trust a device when you enroll in 2–Step Verification.

Trusting a Device

Set a Default Verification Method

Learn how to set a default verification method when you enroll in 2–Step Verification.

Setting a Default Verification Method

Setting up 2–Step Verification Using the 2–Step Verification Page

Use the following tasks in the table when setting up 2–Step Verification for your account from the 2–Step Verification page in the self-service console.
Task Description Additional Information

Adding a 2–Step Verification Method

Learn how to add 2–Step Verification methods on the 2–Step Verification page and the authentication methods that are available to you.

Configuring an Additional 2–step Verification Method

Removing a 2–Step Verification Method

Learn how to remove 2–Step Verification methods on the 2–Step Verification page.

Removing a 2–Step Verification Method

Renaming a 2–Step Verification Method

Learn how to rename a 2–Step Verification method on the 2–Step Verification page.

Renaming a 2–Step Verification Method

Managing Security Questions

Learn how to set up and manage security questions on the 2–Step Verification page.

Managing Security Questions

Generating a Bypass Code

Learn how to generate bypass codes on the 2–Step Verification page.

Generating a Bypass Code

Using a Bypass Code

Learn how to use a bypass code.

Using a Bypass Code

Removing a Trusted Device

Learn how to remove a trusted device on the 2–Step Verification page.

Removing a Trusted Device

Using the Console

Setting Up 2–Step Verification During Enrollment

2-Step Verification is an authentication method that requires you to use more than one way of verifying your identity, providing a second layer of security to your accounts.

After you enter your user name and password at the login page, you use a second verification method, such as a passcode that is sent as an SMS to your mobile device. Second verification methods prevent anyone but you from logging in, even if they know your password. You can set up 2-Step Verification for your account during 2-Step Verification enrollment or using the My Profile console independent of enrollment. This section covers the steps to set up authentication methods during enrollment, and also the steps required to use those methods to verify your identity during sign-in.

The following 2–Step Verification methods are supported:

  • Text Message (SMS)
  • Mobile App OTP and Notifications
  • Security Questions
  • Email
Changing Your Default Verification Method During Enrollment

You can change your default verification method when you sign in.

  1. Enter your username and password in an MFA-protected environment.
    The 2-Step Verification page appears, and then you are prompted for your second verification method.
  2. Click Show alternative login methods. All 2–Step Verification methods that you are enrolled in appear in the Alternative login methods section.
  3. Select a different verification method. You are then prompted to enter the required verification for that method.
  4. Enter the required verification.
  5. Select the Make this my default method check box to set this 2-Step Verification method as your default. The next time that you sign in, you are prompted to verify your identity using this method of verification.
Setting up a Mobile Number

Enroll your mobile number as a 2–Step Verification method.

When multi-factor authentication (MFA) is enabled, the first time that you sign in, the Select Your Default 2-Step Verification Method flow appears after you enter your user name and password.
  1. Enter your username and password in an MFA-protected environment.
  2. On the Enable 2-Step Verification introduction page, click Enable 2-Step Verification.
    The authentication methods available to you appear on the Select Your Default 2-Step Verification Method page.
  3. Click Mobile SMS.
  4. Enter the mobile number where you want to receive the passcode, and then click Send Passcode.
    An SMS passcode is sent to your mobile device.
  5. Enter the passcode into the Passcode box, and then click Verify Mobile Device.

    The Successfully Enrolled page appears.

    If you do not receive a text, click Resend.

  6. (Optional) To set up an additional method during enrollment, select another method from the bottom of the page, and then complete the enrollment process for that method. Alternatively, you can set up additional methods later using the Security tab in the My Profile console.
  7. Click Done.
Setting up the Oracle Mobile Authenticator App

Enroll the Oracle Mobile Authenticator (OMA) app as a 2–step verification method.

When multi-factor authentication (MFA) is enabled, the first time that you sign in, the Select Your Default 2-Step Verification Method flow appears after you enter your user name and password.
  1. Enter your username and password in an MFA-protected environment.
  2. On the Enable 2-Step Verification introduction page, click Enable 2-Step Verification.
    The authentication methods available to you appear on the Select Your Default 2-Step Verification Method page.
  3. Click Mobile App.
    You are prompted to download the Oracle Mobile Authenticator app from the app store.
  4. After you install the OMA app, you need to link it to an account. You can add an account three ways:
    1. Scan the Quick Response (QR) code
    2. Enter the key manually
    3. Use the enrollment URL
    After you add the account using one of these methods, OMA app enrollment is complete.
Setting up a Third-Party Authenticator App

Enroll a third-party authenticator app as a 2–Step Verification method.

When multi-factor authentication (MFA) is enabled, the first time that you sign in, the Select Your Default 2-Step Verification Method flow appears after you enter your user name and password.
  1. Enter your username and password in an MFA-protected environment. />
    The 2-Step Verification page appears, and then you are prompted for your second verification method.
  2. On the Enable 2-Step Verification introduction page, click Enable 2-Step Verification.
    The authentication methods available to you appear on the Select Your Default 2-Step Verification Method page.
  3. Click Mobile app, and then follow the instructions.
  4. Scan the offline version of the Quick Response (QR) code that appears for use with third-party authenticators. If you can’t scan the QR code, you are also given the option enter the key manually. You can use either option with the third-party authenticator app. We recommend using the Oracle Mobile Authenticator as it supports notifications and many important security features.
  5. After set up is complete on the Authenticator app, a one-time passcode (OTP) appears for your account in the third-party authenticator app. Enter that OTP on the Enable 2-Step Verification page, and then click Verify.
    The Successfully Enrolled page appears.
  6. Click Done.
    To set up an additional method during enrollment, select another method from the bottom of the page, and then complete the enrollment process for that method. Alternatively, you can set up additional methods later using the Security tab in the My Profile console.
Setting up Security Questions

Enroll in the security questions 2–Step Verification method.

When multi-factor authentication (MFA) is enabled, the first time that you sign in, the Select Your Default 2-Step Verification Method flow appears after you enter your user name and password.
  1. Enter your username and password in an MFA-protected environment. />
    The 2-Step Verification page appears, and then you are prompted for your second verification method.
  2. On the Enable 2-Step Verification introduction page, click Enable 2-Step Verification.
    The authentication methods available to you appear on the Select Your Default 2-Step Verification Method page.
  3. Click Security questions.
    The number of security questions that you are required to answer appear.
  4. Select the questions, and then provide your answers.
  5. (Optional) Enter answer hints. The answer and the hint can’t be the same.
    The hint appears as a tooltip when you are using security questions as your second authentication method.
  6. Click Save.
    The Successfully Enrolled page appears.
  7. Click Done.
    To set up an additional method during enrollment, select another method from the bottom of the page, and then complete the enrollment process for that method. Alternatively, you can set up additional methods later using the Security tab in the My Profile console.
Setting up a Recovery Email or Another Email

Enroll your email as your 2–Step Verification method.

Note

Depending on how your administrator has configured your email settings, you might see either Recovery Email, or Email, or both as 2–Step Verification options.
When multi-factor authentication (MFA) is enabled, the first time that you sign in, the Select Your Default 2-Step Verification Method flow appears after you enter your user name and password.
  1. Enter your username and password in an MFA-protected environment.
  2. On the Enable 2-Step Verification introduction page, click Enable 2-Step Verification.
    The authentication methods available to you appear on the Select Your Default 2-Step Verification Method page.
  3. Click Recovery Email or Email.
    A one-time passcode is sent to your primary email address.
  4. Enter the passcode into the Code box, and then click Verify Email Address.
  5. (Optional) To set up an additional method during enrollment, select another method from the bottom of the page, and then complete the enrollment process for that method. Alternatively, you can set up additional methods later using the Security tab in the My Profile console.
  6. Click Done.

Using 2–Step Verification Authentication Methods

Using a Mobile Number

After you enroll your mobile device as a 2–Step Verification method, use it to provide a second method of verification when you sign in.

  1. Enter your username and password in an MFA-protected environment. />
    The Mobile Number Verification page appears, with a message saying that a passcode was sent to your mobile number.
  2. Get the passcode from your mobile device and enter it into the Passcode box.
    If you didn’t receive the passcode, click Resend Passcode.
  3. (Optional) If enabled by the administrator, select the Trust this computer for _ days check box to skip providing a second method of authentication for the number of days indicated when you sign in from the same device. An administrator specifies the number of days.
  4. Click Verify.
  5. (Optional) If you can’t receive a text, for example, you don’t have your phone with you, click Show alternative login methods to use an alternative method to verify your identity.
    Note

    You must have previously set up more than one verification method, such as using a bypass code that you previously generated and stored in a safe place. If you haven’t set up more than one verification method, you can call the help desk and have a bypass code generated for you.
  6. (Optional) You can also select Show alternative login methods to change your default verification method.
    1. Click Show alternative login methods. All 2–Step Verification methods that you are enrolled in appear in the Alternative login methods section.
    2. Select a different verification method. You are then prompted to enter the required verification for that method.
    3. Enter the required verification.
    4. Select the Make this my default method check box to set this 2-Step Verification method as your default. The next time that you sign in, you are prompted to verify your identity using this method of verification.
Using the Oracle Mobile Authenticator

After you enroll the Oracle Mobile Authenticator (OMA) app as a 2–Step Verification method, use it to provide a second method of verification to securely sign in to applications.

  1. Enter your username and password in an MFA-protected environment. />
    The 2-Step Verification page appears, and then you are prompted for your second verification method.
  2. The authentication method that displays depends on the MFA method that your administrator enabled:
    If your administrator enabled both Mobile App OTP and Mobile App Notification, Mobile App Notification is the default method pushed to your phone for authentication.
    1. Mobile App OTP

      To avoid clock skew, which is the time difference between the server and your device, ensure that your device clock is synchronized. The maximum allowed time difference is 90 seconds.

      • You are prompted to enter the passcode that is generated by the OMA app on your mobile device.
      • Tap the OMA app on your device to launch it.
      • Tap the account for which you want to generate a new OTP. An OTP for the account appears, and the countdown begins until a new OTP is automatically generated.
      • Enter or paste that passcode into the Passcode box on the 2-Step Verification page, and then click Verify.

    2. Mobile App Notification
      • You are prompted to open and respond to the notification that was sent to the OMA app on your mobile device.
      • Open the notification in the OMA app, and then tap Allow.
  3. (Optional) If enabled by the administrator, select the Trust this computer for _ days check box to skip providing a second method of authentication for the number of days indicated when you sign in from the same device. An administrator specifies the number of days.
  4. (Optional) If you are unable to use the OMA app, for example, you don’t have your phone with you, click Show alternative login methods to use an alternative method to verify your identity.
    Note

    You must have previously set up more than one verification method, such as using a bypass code that you previously generated and stored in a safe place. If you haven’t set up more than one verification method, you can call the help desk and have a bypass code generated for you.
  5. (Optional) You can also select Show alternative login methods to change your default verification method.
    1. Click Show alternative login methods. All 2–Step Verification methods that you are enrolled in appear in the Alternative login methods section.
    2. Select a different verification method. You are then prompted to enter the required verification for that method.
    3. Enter the required verification.
    4. Select the Make this my default method check box to set this 2-Step Verification method as your default. The next time that you sign in, you are prompted to verify your identity using this method of verification.
Using a Third-Party Authenticator App

After you enroll a third-party authenticator app as a 2–Step Verification method, use it to provide a second method of verification when you sign in.

  1. Enter your username and password in an MFA-protected environment. />
    The 2-Step Verification page appears, and then you are prompted for your second verification method.

    You are prompted to enter the passcode that is generated by the third-party authenticator app on your mobile device.

  2. Enter that passcode into the Passcode box on the 2-Step Verification page.
  3. (Optional) Select the Trust this computer for _ days check box (if enabled by your administrator) to skip providing a second method of authentication for the number of days indicated when you sign in from the same device. The number of days is defined by your administrator.
  4. Click Verify.
  5. (Optional) If you are unable to use the App, for example, you don’t have your phone with you, click Show alternative login methods to use an alternative method to verify your identity.
    Note

    You must have previously set up more than one verification method, such as using a bypass code that you previously generated and stored in a safe place. If you haven’t set up more than one verification method, you can call the help desk and have a bypass code generated for you.
  6. Optional. You can also select Use backup verification method to change your default verification method.
    1. Click Show alternative login methods. All 2–Step Verification methods that you are enrolled in appear in the Alternative login methods section.
    2. Select a different verification method. You are then prompted to enter the required verification for that method.
    3. Enter the required verification.
    4. Select the Make this my default method check box to set this 2-Step Verification method as your default. The next time that you sign in, you are prompted to verify your identity using this method of verification.
Using Security Questions

After you enroll in the security questions 2–Step Verification method, use it to provide a second method of verification when you sign in.

  1. Enter your username and password in an MFA-protected environment. />
    The 2-Step Verification page appears, and then you are prompted for your second verification method.
  2. Enter the answers to your security questions.
  3. (Optional) If enabled by the administrator, select the Trust this computer for _ days check box to skip providing a second method of authentication for the number of days indicated when you sign in from the same device. An administrator specifies the number of days.
  4. Click Verify.
  5. (Optional) If you forgot your answers, click Show alternative login methods to use an alternative method to verify your identity.
    Note

    You must have previously set up more than one verification method, such as using a bypass code that you previously generated and stored in a safe place. If you haven’t set up more than one verification method, you can call the help desk and have a bypass code generated for you.
  6. (Optional) You can also select Show alternative login methods to change your default verification method.
    1. Click Show alternative login methods. All 2–Step Verification methods that you are enrolled in appear in the Alternative login methods section.
    2. Select a different verification method. You are then prompted to enter the required verification for that method.
    3. Enter the required verification.
    4. Select the Make this my default method check box to set this 2-Step Verification method as your default. The next time that you sign in, you are prompted to verify your identity using this method of verification.
Using a Recovery Email or Another Email Address

After you enroll your email as a 2–Step Verification method, use it to provide a second method of verification when you sign in.

Note

Depending on how your administrator has configured your email settings, you might see either Recovery Email, or Email, or both as 2–Step Verification options.
  1. Enter your username and password in an MFA-protected environment. />

    The 2-Step Verification page appears, and then you are prompted for your second verification method.

    If email is your default 2–Step Verification method, an email that contains a passcode is sent to your email address.

    If email isn’t your default 2–Step Verification method, you can click Show alternative login methods and select Recovery Email or Email from the list of alternative methods.

    After you enroll in email as a 2–Step Verification method, if you change your email address and the change is verified, a passcode is automatically sent to the updated email address. You don't need to re-enroll.

  2. Enter that passcode into the Passcode box on the Email Verification page.
    If you didn’t receive the email, click Resend email.
  3. (Optional) If enabled by the administrator, select the Trust this computer for _ days check box to skip providing a second method of authentication for the number of days indicated when you sign in from the same device. An administrator specifies the number of days.
  4. Click Verify.
  5. (Optional) If you can’t receive an email, click Show alternative login methods to use an alternative method to verify your identity.
    Note

    You must have previously set up more than one verification method, such as using a bypass code that you previously generated and stored in a safe place. If you haven’t set up more than one verification method, you can call the help desk and have a bypass code generated for you.
  6. (Optional) You can also select Show alternative login methods to change your default verification method.
    1. Click Show alternative login methods. All 2–Step Verification methods that you are enrolled in appear in the Alternative login methods section.
    2. Select a different verification method. You are then prompted to enter the required verification for that method.
    3. Enter the required verification.
    4. Select the Make this my default method check box to set this 2-Step Verification method as your default. The next time that you sign in, you are prompted to verify your identity using this method of verification.

Managing 2–Step Verification from the My Profile Console

If you skipped enrolling in 2-Step Verification when you signed in to an identity domain, then you can do so from the Security tab of the My Profile console.

2-Step Verification is an authentication method that requires you to use more than one way of verifying your identity, providing a second layer of security to your accounts. After you enter your user name and password at the login page, you use a second verification method, such as a passcode that is sent as an SMS to your mobile device. Second verification methods prevent anyone but you from logging in, even if they know your password. You can set up 2-Step Verification for your account during 2-Step Verification enrollment or using the My Profile console independent of enrollment.

You can set up more than one 2-Step Verification method. The identity domain administrator or security administrators choose which methods are available to you.

  • Mobile App: Use a mobile app to generate a time-based passcode (OTP). A prompt appears for you to enter the passcode that you obtain from the mobile app. Or, a sign-in request is sent to the mobile app and you tap Allow to authenticate.
  • Mobile Number: Send a passcode as a text message (SMS) to your phone that you then enter on the page.
  • Security Questions: Answer security questions.
  • Recovery Email or Email: Send an OTP to your email address.
    Note

    Your administrator determines whether you see options for Recovery Email, Email, or both.
  • Bypass Code: Generate a bypass code and store it for later use. You can also contact an administrator to obtain a bypass code for access.
  • Duo Security: If Duo Security is enabled, use Duo Security as an MFA factor.
Enrolling in 2-step Verification After First Sign In

If your administrator made 2-Step Authentication optional, and you have clicked Skip each time you sign in, you can enable 2-Step Authentication in the My Profile console Security tab.

  1. Click your user avatar, and then select My Profile. In the My Profile console, click Security.
  2. In the 2-Step verification section, click Enable.
  3. In the 2-Step verification dialog box, click the button for the method you want to enable as your default method.
  4. Follow the prompts to complete your enrollment.

    See the topic for the method you selected, under Setting Up 2–Step Verification During Enrollment, for more detailed instructions.

Adding Backup Verification Methods

When you need to sign in and provide a second verification method, backup verification methods come in handy if you have left your device at home, for example.

To set up an additional method during Multi-Factor Authentication (MFA) enrollment, on the Successfully Enrolled page of the 2-Step Verification flow, select another method from the bottom of the page. You then complete the enrollment process for that method. Alternatively, you can set up another methods using the My Profile console, Security tab.

Trusting a Device

When you access an app for the first time using your 2-Step Verification method from your computer or a device, you can specify that your computer or device is "trusted." Trusted devices don’t require you to provide a second method of authentication each time that you sign in.

This feature is similar to the “remember my computer” option that you often see during authentication on many websites. When you sign in and provide your second verification method, select the Trust this computer for _ days check box. That device is then listed in the Trusted devices section of the Security tab in the My Profile console. See Manage 2–Step Verification from the My Profile Console.

If you choose not to trust the computer, you are prompted for 2-Step Verification each time that you sign in from that device. You have the opportunity each time that you log in to trust the computer or device.

Removing a Trusted Device

If you no longer plan to connect to an identity domain using a trusted device, you can remove it from Trusted Devices.

  1. Click your user avatar, and then select My Profile. In the My Profile console, click Security.
  2. Scroll down to the Trusted devices section.
  3. In the pane for the trusted device that you want to remove, click the Actions menu, and select Remove.
  4. In the Confirmation dialog box, click OK.
    The next time that you sign in from that device, you are prompted for a second verification method to sign in.
Configuring an Additional 2–step Verification Method

Use the 2–Step Verification section of the Security tab in the My Profile console to configure an additional verification method for your account.

Note

Only Mobile Number and Mobile App methods can be added from the My Profile console Security tab.

  1. Click your user avatar, and then select My Profile. In the My Profile console, click Security.
  2. Locate the method that you want to add, and in the pane for that method, click Configure.
  3. Complete the enrollment wizard to add the method.
    These are the same steps that you perform when you set up an authentication method during enrollment. See the topic for the method you want to add under Setting Up 2–Step Verification During Enrollment.
Removing a 2–Step Verification Method

Use the 2–Step Verification section of the Security tab in the My Profile console to remove a verification method from your account.

Enable 2-Step Verification. Users usually enable 2-step verification automatically when they first sign in. However, if your administrator made 2-Step Authentication optional, and you have clicked Skip each time you sign in, you can enable 2-Step Authentication in the My Profile console, Security tab. See Enrolling in 2-step Verification After First Sign In.

  1. Click your user avatar, and then select My Profile. In the My Profile console, click Security.
  2. Click Security.
  3. In the method pane for the method that you want to remove, click the Actions menu and select Remove.
  4. Click OK when prompted to confirm the removal.
    Note

    You can't remove all the methods. If you have only one method configured, an error message appears at the top of the page when you confirm the removal.
Renaming a 2–Step Verification Method

Use the 2–Step Verification section of the Security tab in the My Profile console to rename a verification method associated with your account.

Enable 2-Step Verification. Users usually enable 2-step verification automatically when they first sign in. However, if your administrator made 2-Step Authentication optional, and you have clicked Skip each time you sign in, you can enable 2-Step Authentication in the My Profile console, Security tab. See Enrolling in 2-step Verification After First Sign In.

Note

Only Mobile App methods can be renamed.

You might want to rename a method, for example, when you add another mobile number, and you want each name to be unique.

  1. Click your user avatar, and then select My Profile. In the My Profile console, click Security.
  2. In the method pane for the method that you want to remove, click the Actions menu and select Rename.
  3. Enter a new name for the method, and then click Save.
Managing Security Questions

Use the 2–Step Verification section of the Security tab in the My Profile console to set up and manage security questions that are associated with your account.

Enable 2-Step Verification. Users usually enable 2-step verification automatically when they first sign in. However, if your administrator made 2-Step Authentication optional, and you have clicked Skip each time you sign in, you can enable 2-Step Authentication in the My Profile console, Security tab. See Enrolling in 2-step Verification After First Sign In.

  1. Click your user avatar, and then select My Profile. In the My Profile console, click Security.
  2. In the Security Questions pane:
    • If the Security questions pane is Configured, click the Configure link.
    • If the Security questions pane is Not configured, click the Action menu and select Edit.
  3. In the Security questions dialog box:
    1. Select the questions, and then provide your answers.
    2. (Optional) Enter answer hints. The answer and the hint can’t be the same.
      The hint appears as a tooltip when you are using security questions as your second authentication method.
    3. Click Save.
Generating a Bypass Code

A bypass code is useful as a second verification method when you forgot your phone, don’t have service, or can’t access your computer. You can generate bypass codes after you enroll in 2-Step Verification, and then store the codes in a safe place.

Enable 2-Step Verification. Users usually enable 2-step verification automatically when they first sign in. However, if your administrator made 2-Step Authentication optional, and you have clicked Skip each time you sign in, you can enable 2-Step Authentication in the My Profile console, Security tab. See Enrolling in 2-step Verification After First Sign In.

  1. Click your user avatar, and then select My Profile. In the My Profile console, click Security.
  2. In the Bypass codes section, click Generate.
  3. In the Bypass code dialog box, copy your bypass code, and then store it in a safe place for use the next time that you need a backup verification method.
    Note

    The Bypass code dialog box displays the number of uses allowed. Your bypass code doesn't expire, but you can only use it one time.
  4. Click Done.
  5. (Optional) To view and copy your bypass code, in the Bypass code pane, click the RevealReveal button icon.
  6. (Optional) To send the bypass code to yourself in an email:
    1. In the Bypass code pane, click the Actions menu and select Email.
    2. In the Confirmation dialog box, click Email.
Using a Bypass Code

After you generate bypass codes, you can use them as a second method of verification when you forget your phone, don’t have service, or can’t access your computer.

  1. Enter your username and password in an MFA-protected environment. />
    The 2-Step Verification page appears, and then you are prompted for your second verification method.
  2. If you can’t use your usual second verification method (for example, because you don’t have your phone or you have no Internet connectivity), click Show alternative login methods to use an alternative method to verify your identity.
  3. In the Alternative login methods section of the page, click Use a bypass code.
    Note

    You must have previously set up more than one verification method, such as using a bypass code that you previously generated and stored in a safe place. If you haven’t set up more than one verification method, you can call the help desk and have a bypass code generated for you.
  4. Enter your code in the Bypass code box.
    If you can't locate your bypass code, contact the help desk to have an administrator generate a bypass code for you.
  5. (Optional) If enabled by the administrator, select the Trust this computer for _ days check box to skip providing a second method of authentication for the number of days indicated when you sign in from the same device. An administrator specifies the number of days.
  6. Click Verify.
Setting a Default Verification Method

When you enable 2-Step Verification, you can set a 2-Step Verification method as your default.

You can change your default verification method the first time that you sign in to an MFA protected environment, or you can use the My Profile console, Security page.

  1. Enter your username and password in an MFA-protected environment. /> On the Enable 2-Step Verification introduction page, click Enable 2-Step Verification. Or, from the Security page in the My Profile console, click Enable.
  2. Click the Action menu icon at right end of the 2-Step Verification line and select Change Default.
  3. In the Select Default dialog box, select a new verification method and click Done.
You can also change your default verification method during sign-in. See Change Your Default Verification Method During Login.
Changing Your Default Verification Method

If you are enrolled in more than one method, you can specify which verification method is the default.

Enable 2-Step Verification. Users usually enable 2-step verification automatically when they first sign in. However, if your administrator made 2-Step Authentication optional, and you have clicked Skip each time you sign in, you can enable 2-Step Authentication in the My Profile console, Security tab. See Enrolling in 2-step Verification After First Sign In.

  1. Click your user avatar, and then select My Profile. In the My Profile console, click Security.
    A check mark on the method pane indicates your current default verification method.
  2. In the 2-Step verification section, click the Actions menu and select Change default.
  3. In the Change Default dialog box, select the method that you want to use as your default verification method.
    Note

    Only those 2–Step Verification methods that you are enrolled in are displayed.
  4. Click Done.
The check mark appears on the method pane that you set as your default.
Disabling or Re-Enabling 2-Step Verification

If your administrator has made 2-Step Verification optional, you can disable and re-enable your enrollment from the My Profile console.

Enable 2-Step Verification. Users usually enable 2-step verification automatically when they first sign in. However, if your administrator made 2-Step Authentication optional, and you have clicked Skip each time you sign in, you can enable 2-Step Authentication in the My Profile console, Security tab. See Enrolling in 2-step Verification After First Sign In.

  1. Click your user avatar, and then select My Profile. In the My Profile console, click Security.
  2. To disable 2-Step Verification:
    1. Open the Actions menu at the right end of the 2-Step verification line and select Disable.
    2. In the Disable 2-Step verification dialog box, click Disable.
      Note

      If your administrator has made 2-Step Verification required, disabling it from the My Profile console has no effect.
  3. To re-enable 2-Step Verification:
    1. In the 2-Step verification section, click Enable.
    2. In the 2-Step verification dialog box, click the button for the method you want to enable as your default method.
    3. Follow the prompts to complete your enrollment.

      See the topic for the method you selected, under Setting Up 2–Step Verification During Enrollment, for more detailed instructions.