Using 2FA
Authenticator apps for generating 2FA verification codes are supported in all NetSuite accounts.
As of March 1, 2023, users setting up or resetting their 2FA configurations must install and use an authenticator app to generate verification codes. Receiving codes by SMS will no longer be supported for users setting up 2FA for the first time, or for existing users who reset their 2FA settings. Users can also log in with the one-time backup codes provided during 2FA setup.
The SMS option is currently only prohibited for new 2FA setups. However, industry experts (such as NIST, W3C, and the FIDO Alliance) no longer view SMS as a secure delivery mechanism for 2FA verification codes. As part of our ongoing commitment to world-class security, the SMS option is targeted for removal in a future NetSuite release.
After completing the initial 2FA setup, see the following topics about using 2FA in NetSuite:
After you set up your 2FA preferences, you may want to change them. For example, you may want to change your authenticator app. Or you might have lost your phone, bought a new one, or changed your phone number. To change your preferences, you must first reset (or clear) your 2FA settings in NetSuite. See Reset Your 2FA Settings. After the reset is completed, you must start the 2FA setup process from the beginning.
2FA Access to Sandbox Accounts
When your sandbox is refreshed, roles that require 2FA authentication are copied from your production account to your sandbox. Your 2FA setup is also copied to your sandbox account. No additional 2FA setup is necessary.