Account recovery when 2FA is lost
This document explains how to retrieve an account that can not log in anymore. This can be caused by the removal or malfunctioning of an authenticator app.
It is recommended that you set up a trusted administration network, which should allow admin accounts to log in without an additional login method (2FA). This way, administrators can log in and restore the 2FA method when needed.
Set up a trusted network.
- Log in to ZIVVER WebApp.
- Go to the bottom left of the screen for the Organization settings tune .
- Click Trusted networks wifi_lock .
- Click ADD.
- Enter the IP address (network string) that you wish to exempt from 2FA, in CIDR notation.
- Enter a description.
- Click ADD
Check the option No extra login method (2FA) needed within the trusted networks.
Logging in without 2FA is less secure! Don’t forget to switch off the trusted network once the colleague has set up a new 2FA method!
You have set up a trusted network. The following steps describe how the admin can reset the additional login method (2FA).
Reset additional login method (2FA)
- Log in to the WebApp.
- Go to the bottom left of your screen for Settings settings .
- Click Security security .
- Click the trash bin icon delete_forever and remove the old 2FA method.
- Click SETUP.
A new window opens.
- Click NEXT.
- Select the option Authenticator App or SMS code.
- Click NEXT
- Follow the steps shown in 2FA Setup with Chrome Authenticator or 2FA Setup with SMS to set up an additional login method.
In the last screen, download the backup codes.
The backup codes are usually stored in your Downloads folder.Safely store the backup codes. You must use these codes to log in when your extra login method is not available.