Two-Factor Authentication (2FA)

\# written by oleksandr melnyk | last published at october 23, 2025 \# # overview two factor authentication (2fa) is a security feature that adds an extra layer of protection to your enapps erp account when enabled, you'll need to provide both your password and a verification code to log in this verification code is sent either to your mobile phone via sms or to your designated email address, depending on your system's configuration the 2fa functionality helps prevent unauthorised access to your account, even if someone obtains your password by requiring a second form of verification that only you can access, 2fa significantly enhances the security of your erp system \# end user guide \# 2fa methods your enapps erp system supports two types of 2fa methods, configured by your system administrator sms based 2fa verification codes are sent to your mobile phone via text message email based 2fa verification codes are sent to your designated email address note the 2fa method available to you is determined by your system administrator you cannot switch between sms and email methods yourself—this is a system wide setting \# setting up two factor authentication to enable 2fa for your account, follow these steps click on your user name in the top menu bar and select "preferences" on the "general" tab, you'll see either the "sms based two factor authentication (2fa)" section or the "email based two factor authentication (2fa)" section, depending on your system configuration \# for sms based 2fa in the "mobile number" field, enter your complete mobile number including the country code (e g , +44 7700 900123 for uk numbers) the system accepts numbers in e 164 format with up to 15 digits click the authorise button the system will send a 6 digit verification code to your mobile number via sms once you receive the sms, enter the 6 digit code in the "verifying code" field click the confirm button to validate your mobile number once confirmed, your 2fa is now active the system will display "mfa method valid yes" to indicate successful activation important sms guidelines ensure your mobile number is entered in the correct international format with country code the verification code is time sensitive and should be entered promptly there is a limit on the number of sms messages you can request within a certain timeframe if you exceed this limit, you'll receive a message indicating when you can try again if you don't receive the sms, wait a few moments and click resend sms to request a new code \# for email based 2fa in the "two factor authentication email" field, enter a valid email address where you can receive verification codes this email address must be unique within the system click the send verification code button the system will send a 6 digit verification code to your email address check your email inbox (and spam folder if necessary) for an email with the subject "2fa verification code for user \[your name]" enter the 6 digit code from the email into the "verifying code" field click the validate email button to confirm your email address once validated, your 2fa is now active the system will display "mfa method valid yes" to indicate successful activation important email guidelines use an email address that you regularly monitor and have reliable access to the email address you provide must be unique—it cannot be used by another user in the system if you don't receive the email, check your spam or junk folder click resend email if you need to request a new verification code \# logging in with 2fa enabled once 2fa is enabled on your account, the login process changes slightly enter your username and password on the login page as usual after submitting your credentials, you'll be prompted to enter a verification code check your mobile phone (for sms) or email inbox (for email 2fa) for the 6 digit verification code enter the code on the verification screen click submit to complete your login device recognition the system remembers verified devices for a configurable period (typically up to 999 days) once you've verified a device, you may not need to enter a verification code every time you log in from that same device and browser, depending on your system's configuration \# managing your 2fa sessions you can manage your 2fa sessions from the preferences screen \# resetting your 2fa method if you need to change your mobile number or email address navigate to preferences in the 2fa section, click the reset button (sms) or disable email 2fa button (email) update your mobile number or email address follow the setup process again to authorise the new contact method \# clearing device sessions if you want to remove all remembered devices and force re verification on all devices navigate to settings >> users >> users open user account in question click the clear session button this will log you out from all devices and require to set up new 2fa verification on your next login from any device this is useful if you suspect unauthorised access or if you've lost a device that was previously authorised