Support
Account Options

Two-Factor Authentication

This document is for:
Invicti Enterprise On-Demand, Invicti Enterprise On-Premises

You can enable two-factor authentication – also known as two-step verification – to add an extra layer of security to your Invicti Enterprise account. When you first enable two-factor authentication, as you log in to Invicti Enterprise, you will be asked for your password and a one-time code or security key. You will not have to enable it again unless it is disabled. There are two ways to do this:

  • Using the Authenticator App
  • Using the U2F Security Key
How to Enable Two-factor Authentication in Invicti Enterprise
  1. Log in to Invicti Enterprise.
  2. Select [Your Name] (top right of window) > Two-factor Authentication
  3. From the Configure Two-factor Authentication window, select Use Authenticator App.
  4. Install a two-factor authentication app on your phone. Google Authenticator is a popular choice. You can download it from Google Play or the App Store.
  5. Launch the app on your phone, and use it to scan the QR Code displayed. Once the code is scanned, the mobile authenticator app displays a Invicti Enterprise verification code. 

  1. In the Current Password field, enter your Invicti Enterprise password.
  2. In the Please enter the 6-digit code generated by the application field, enter the verification code displayed in your mobile authenticator app.
  3. Select Configure to finalize the setup.
How to Enable Two-factor Authentication with the U2F Security Key
  1. Log in to Invicti Enterprise.
  2. Select [Your Name] (top right of window) > Two-factor Authentication
  3. From the Configure Two-factor Authentication window, select Use Security Key.
  4. Insert the U2F Security Key (such as Yubikey) into your computer’s USB port.

  1. In the Current Password field, enter your Invicti Enterprise password and click Configure to begin U2F Security Key setup.

  1. Tap the U2F Security Key after the popup for the finalizing setup.
How to Use U2F Security Key
  1. Log in to your Invicti Enterprise account using your username and password. If you have two-factor authentication enabled with U2F Security Key, the Two-factor Authentication window is displayed.

  1. Insert the U2F Security Key (such as Yubikey) into your computer’s USB port.
  2. Tap the U2F Security Key after the see popup below.

Two-factor Authentication Recovery Codes

Once you enable Two-factor Authentication in Invicti Enterprise, the service generates ten Recovery Codes, as illustrated.

The next time you log in to Invicti Enterprise, you will be asked for your email address and password, as usual. Next, you will be asked for the one-time verification code from your mobile app. If you are unable to access the mobile app during the login process, use one of the Two-factor Authentication Recovery Codes.

Download or copy the Recovery Codes to a secure place where only you can access them. Recovery Codes are needed only when you need to log in but do not have access to the two-factor authentication mobile app to generate a one-time code.

Please note that a Recovery Code can only be used once. If you use them all, disable and enable Two-factor Authentication again to regenerate new ones.

How to Use Recovery Codes
  1. Log in to your Invicti Enterprise account using your username and password. If you have two-factor authentication enabled, the Two-factor Authentication window is displayed.
  2. Select the Can’t access your phone? link. The Recovery Code field is displayed.
  3. Enter your Recovery Code.
  4. Select Sign In.