Protect your account with individual 2-step verification

  • Updated

This topic describes how to:

  • Enable or disable individual 2-step verification in your personal settings
  • Generate backup codes

Individual 2-step verification increases the security of an Optimizely Experimentation account by adding a second level of authentication when signing in. Instead of relying only on a password, individual 2-step verification requires you to enter a code that you access from your mobile phone. That way, you can rest easy knowing that the account is protected, even if your password is compromised.

This article walks you through how to enable and disable individual 2-step verification in your personal settings. This option is available to any collaborator on any account.

 
Note:

If you're an administrator for the account, you can also require that all collaborators on the account use 2-step verification. This article walks you through how to enable the account-level 2-step verification requirement.

Enable individual 2-step verification

To get started with 2-step verification, follow these steps:

  1. Download and install an authenticator app for your phone. Currently, you can choose from Google Authenticator (Android, iOS, Blackberry), Duo Mobile (Android, iOS) or Microsoft Authenticator (Windows Phone).

    These apps generate secret codes for your phone every 30 seconds. When you log in to Optimizely Experimentation, you’ll need the most current code to gain access to your account.

  2. Enable individual 2-step verification.

    In Optimizely Experimentation, navigate to Profile. Under 2-Step Verification, select Enable:
    2-step-enable.png

  3. Enter your Optimizely Experimentation password to confirm 2-step verification and click Next.
    enable-individ-2-step.png

  4. Open the authenticator app from your mobile device and use it to scan the QR code generated by Optimizely Experimentation. This will link your account to your phone.
    2-step-qr.png

  5. Your phone’s authenticator app will generate a security code. Enter this security code in the Optimizely Experimentation field and click Next.
    2-step-auth-code.png

    If you are encountering an error where your authentication codes are showing as invalid, review the steps in the Troubleshooting section.

  6. Upon successful enrollment, you will be shown a modal containing your backup codes. Save these in a safe place as you will need them in case you lose your phone or cannot access your authenticator app. Read the Backup Codes section for more information.

Signing in 

After you enable individual 2-step verification, you will need to enter a current security code from your authenticator app in addition to your password any time you sign in to Optimizely Experimentation.

We suggest you follow these steps:

  1. Sign in to Optimizely Experimentation using your username and password. Doing so will prompt you to enter your security code. 
    2-step-ver-screen.png

  2. Open your authenticator app on your mobile device. It will generate a new security code every 30 seconds.

  3. Enter the current security code and click Verify before the code expires.

Backup Codes

When you enable individual 2-step verification, you are given a list of backup codes similar to these:
backup-codes.png

It's important to write down the codes generated for you and store them in a safe place. If you lose your phone or cannot access your authenticator app, you can use a backup code for one-time access to your account. After a code is used, it is no longer valid.

You can generate new backup codes any time by clicking Generate New Backup Codes under Profile > Preferences > 2-Step Verification. This renders all older codes invalid.

Troubleshooting: Authentication codes are invalid

If after you scan your QR code and are inputting your authentication code in for the first time, or are returning to log in and noticing that your generated authentication codes are being flagged as invalid, it might be because of the time on your Google Authenticator app is not synced correctly.

To make sure that you have the correct time:

  • Go to the main menu on the Google Authenticator app
  • Click Settings
  • Click Time correction for codes
  • Click Sync now

On the next screen, the app will confirm that the time has been synced, and you should now be able to use your authentication codes to sign in. The sync will only affect the internal time of your Google Authenticator app on your Android phone, and will not change your device's Time and Date settings.

Disable individual 2-step verification

If you no longer want the extra protection provided by individual 2-step verification, you can disable the feature in your Account Settings. Just select Disable (instead of Enable), click Save, and enter your Optimizely Experimentation password when prompted.

Locked out?

If you are having trouble logging into your account using individual 2-step verification, try the following steps in order:

  1. Use one of the backup codes generated during your initial sign-up.

  2. If you are using an authentication app such as Google Authenticator, check the app's time correction settings and re-sync the app if necessary.

  3. If you are still signed into Optimizely Experimentation (on another device, for example), turn off individual 2-step verification within your Account Settings.

  4. Ask an administrator on your account to open a support ticket on your behalf. Provide the user's email address whose 2-step verification is not working. If you are an administrator on the account and can't log in, have another administrator file a support ticket on your behalf.

If these steps do not work, please file an online ticket for support.