Two-Factor Authentication FAQ
Review the following frequently asked questions and answers about two-factor authentication (2FA).
- Why do I need 2FA? How does 2FA add more security to OpenAir?
- Can I skip the 2FA setup?
- What do I need to know about authenticator apps?
- What authenticator app can I use for 2FA?
- I can’t scan the QR code as required in the 2FA setup, what should I do?
- The QR code and the setup key don't work. What's wrong?
- The code from my authenticator app isn’t right. What's wrong?
- There's not enough time to enter the verification code before it changes. What do I do?
- Can I transfer the 2FA setup from my old phone to a new one?
- What is my authenticator app?
- Can I switch authenticator apps?
- Where do I reset my 2FA?
- I can't reset my 2FA, what should I do?
- What is a trusted device?
Why do I need 2FA? How does 2FA add more security to OpenAir?
Two-factor authentication (2FA) adds an extra verification step when you sign in to OpenAir. This extra step prevents your account from unauthorized access, even when your password gets compromised. 2FA codes from your authenticator app are complicated to intercept, which makes 2FA a reliable form of authentication.
Can I skip the 2FA setup?
If your company requires you to sign in using 2FA, you can skip two-factor authentication (2FA) setup up to the number of times and number of days set by your account administrator. You will be asked to set up 2FA next time you attempt to sign in. After that, you won't be able to sign in to your company's OpenAir account until you complete the 2FA setup. See Set Up Two-Factor Authentication (2FA).
What do I need to know about authenticator apps?
An authenticator app generates the verification code (the second factor) that you need for signing in to OpenAir. It provides a code even when you’re not connected to a network.
What authenticator app can I use for 2FA?
You can use any authenticator app that complies with the OATH TOTP standard.
-
OATH stands for the Initiative for Open Authentication.
-
TOTP stands for time-based one-time password.
Oracle Mobile Authenticator is one example of OATH TOTP-compliant app.
You can use a term like OATH TOTP to search for other compliant authenticator apps.
I can’t scan the QR code as required in the 2FA setup, what should I do?
To scan the QR code, you may first need to select Scan a QR code or Add Account in the app.
For more information, see the help for your app.
-
If you've reset 2FA in OpenAir, you can use the same authenticator app to set up 2FA again.
-
If your app won’t scan the QR code or accept a manually entered key, delete the OpenAir account from your app, and try scanning the QR code again.
The QR code and the setup key don't work. What's wrong?
Your authenticator app may not be OATH TOTP-compliant. Try installing a different authenticator app. Oracle Mobile Authenticator is OATH TOTP-compliant.
For more information, see the help for your app.
-
If you've reset 2FA in OpenAir, you can use the same authenticator app to set up 2FA again.
-
If your app won’t scan the QR code or accept a manually entered key, delete the OpenAir account from your app, and try scanning the QR code again.
The code from my authenticator app isn’t right. What's wrong?
There are a few possible reasons for OpenAir not accepting the code from your authenticator app.
-
Verify that you've entered the code exactly as it appears in your authenticator app.
-
If you have more than one account listed in your authenticator app, be sure you're entering the code associated with your OpenAir account.
-
The time on your phone needs to be accurate. Directions for different versions of phone software vary. See Troubleshoot Authenticator Apps.
There's not enough time to enter the verification code before it changes. What do I do?
You can enter either the current or the previous verification code generated by the authenticator app. This gives you some additional time to enter the verification code even after it changes.
Can I transfer the 2FA setup from my old phone to a new one?
It depends on an authenticator app you use.
What is my authenticator app?
You may have used Oracle Mobile Authenticator to set up two-factor authentication (2FA) for OpenAir. You may also have used another app that complies with the OATH TOTP standard.
If you lost your mobile phone or you can’t access your authenticator app, contact the person in your company who manages OpenAir to reset 2FA. If you reset 2FA, you will be asked to set up 2FA again next time you sign in.
Can I switch authenticator apps?
Yes, the process is the same as when you need to reset your 2FA. See Reset Your Two-Factor Authentication (2FA) Settings.
Where do I reset my 2FA?
After you sign in to OpenAir, go to the user center (your avatar menu in the upper right corner), and click Two-factor authentication.
This page lets you reset 2FA. See Reset Your Two-Factor Authentication (2FA) Settings.
I can't reset my 2FA, what should I do?
If you can't generate a 2FA verification code, you need to contact your account administrator to help you reset 2FA.
What is a trusted device?
If your company’s OpenAir account allows you to add trusted devices, you can ask OpenAir to trust a device for several days when you sign in. This will let you sign in to OpenAir on that device without being asked to enter a verification code every time.
Each trusted device is removed automatically several days after you add it to your trusted devices, depending on your company’s OpenAir account configuration.
You or the person in your company who manages OpenAir can remove all your trusted devices at any time to protect your OpenAir account from unauthorized access, in case you share or lose one of your trusted devices, for example.