This guide details the steps necessary to set up and manage Two-Factor Authentication (2FA) on your Vision account, significantly improving your account's security.

What is 2FA?

Two-factor authentication (2FA) enhances your Vision account's security by adding an extra layer. Once activated, it requires a unique six-digit code in addition to your password to access your account. This code can be sent to you via email or generated by a Time-Based One-Time Password (TOTP) authentication app.

Where to Find 2FA Settings

To manage your 2FA settings, navigate to the “My Account” section of Vision and click on the “Security” tab.

Steps to set up email-based 2FA

  1. Log into Vision with your email and password.
  2. After logging in, on the starting page, you need to:
    1. Click on your profile icon in the top-right corner. A flyout window will appear.
    2. In this window, click on your email address to access the “My Account” menu.
    Figure 1 – Navigating to your account settings

  3. Within “My Account”, under “ACCOUNT INFO,” verify that your email address is displayed. This is the email to which the verification (2FA) code will be sent. After verifying, select the “SECURITY” tab from the navigation bar.
    Figure 2 – Account page

  4. In the Security tab, start setting up two-factor authentication by:
    1. Clicking the “Setup” button to initiate the setup.
    2. Then clicking the “Request” button. A 6-digit OTP will be sent to your email.
    Figure 3 – Initiate 2FA setup for your account

  5. Check your email for the verification (2FA) code. If it is not in your inbox, check your spam, junk, and other folders.
    Figure 4 – Check your email for verification (2FA) code

  6. Enter the received verification (2FA) code in the input field of the setup process to finalize the email verification.
    Figure 5 & 6 – Enter the code to confirm the email-based 2FA protection for your account

How to add a mobile authenticator (TOTP) app to access verification codes (After email-based 2FA verification)

Following the initial setup of email-based 2FA, you have the option to add a Mobile TOTP App for a more convenient and flexible authentication experience. This step is particularly useful for those who prefer accessing authentication codes directly from their mobile devices. Below are the steps to integrate a Mobile TOTP App with your existing 2FA setup:

  1. Navigate to 2FA Settings: Follow the steps from the previous section to find the 2FA options.
  2. Installation: First, install a TOTP app like Authy, Microsoft Authenticator, or Google Authenticator on your mobile device.
  3. Initiate the 2FA Setup in Vision
    1. Within the "SECURITY" tab, locate the "Two-Factor Authentication" options. Click “Set up authenticator app” to begin setup.
    2. Make sure the TOTP app is installed on your phone, then click "Next".
      Figure 7 – Initiate "Authenticator app setup" in Vision

Option 1: Setup using QR code (Recommended)

  1. Open the authenticator app on your mobile device and find the "Scan QR code" option.
  2. Use your Authenticator app to scan the QR code displayed in the Authenticator app setup window in Vision.
    Figure 8 – Scanning the QR code from the "Authenticator app setup" window using a mobile device

Option 2: Manual setup (Alternative method)

If you’re unable to scan the QR code, you can manually enter the setup key in your authenticator app on your mobile device. Here’s how:

    1. Select the option to add an account in your authenticator app and then choose to enter the setup key manually.
    2. Use the code provided in the Authenticator app setup steps in Vision to create a new entry in your authenticator app.
      Figure 9 – Manual key entry (alternative method)
      Note: Enter the key exactly as shown on the Vision setup page into your authenticator app on your mobile device.

  1. Verify & Finish: Once the app is set up, it will generate a unique code every 30 seconds. Input this code into Vision to complete the verification of the Authenticator app setup.
    Figure 10 – Verify TOTP and Finish the setup

After verification, the 2FA setup with your mobile TOTP app is complete. For every subsequent login to Vision, you will be required to provide a new 6-digit code generated by your app or sent to your email as part of the login process.
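
What the authenticator app and the server each compute once they share the setup key, as an added example that is not Vision's code. It assumes the RFC 6238 defaults common authenticator apps use (base32 setup key, HMAC-SHA-1), which this guide does not confirm for Vision; the function names and the sample key are constructed.

```python
import base64
import hashlib
import hmac
import struct

def normalize_key(setup_key: str) -> bytes:
    """Decode a manually typed setup key (assumed base32; spaces and case ignored)."""
    cleaned = setup_key.replace(" ", "").replace("-", "").upper()
    cleaned += "=" * (-len(cleaned) % 8)  # restore stripped base32 padding
    return base64.b32decode(cleaned)

def totp(secret: bytes, unix_time: int, step: int = 30, digits: int = 6) -> str:
    """RFC 6238 TOTP: HOTP (RFC 4226) keyed on the number of elapsed time steps."""
    counter = struct.pack(">Q", unix_time // step)
    mac = hmac.new(secret, counter, hashlib.sha1).digest()
    offset = mac[-1] & 0x0F  # dynamic truncation: low nibble picks 4 bytes
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)

def verify(secret: bytes, code: str, unix_time: int,
           step: int = 30, drift_steps: int = 1) -> bool:
    """Accept the current step or its neighbours, tolerating small clock skew."""
    ok = False
    for delta in range(-drift_steps, drift_steps + 1):
        expected = totp(secret, max(0, unix_time + delta * step), step)
        # Constant-time comparison; every candidate is checked, no early exit.
        ok |= hmac.compare_digest(expected, code)
    return ok

# Constructed sample: the RFC 6238 test secret "12345678901234567890" in base32,
# grouped with spaces the way a setup page might display it.
SAMPLE_KEY = "GEZD GNBV GY3T QOJQ GEZD GNBV GY3T QOJQ"

if __name__ == "__main__":
    secret = normalize_key(SAMPLE_KEY)
    for t in (59, 60, 89, 120):
        print(t, totp(secret, t), verify(secret, "287082", t))
```

Because the code depends only on the shared key and the clock, a mistyped key or a phone clock that is off by more than the accepted drift produces codes the server rejects.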

Login with 2FA

After entering your username and password as usual, you will be presented with an additional step for code entry. This is part of the Two-Factor Authentication (2FA) process. Here are the 2FA options on login:

  1. I want to use an authenticator app code: If you set up the mobile TOTP app, the default option will be the Authenticator app. Enter the code from the app to log in.
  2. I want to use mail code: If it is more convenient for you at any given moment to not use the TOTP app, you can select email verification. Also, if you have just set up email verification without the TOTP app, this will be the default and you can enter the code from the email to log in.
  3. I want to use recovery code: You can also choose to log in with a recovery code.
  4. Don't ask again on this device: Check this checkbox if you wish to bypass the 2FA prompt on future logins from the same device.

    Figure 11 – 2FA Login

Managing and using recovery codes

Recovery codes are crucial for regaining account access if you lose access to your mobile phone and email. Here’s how to manage and use them:

  1. Go to the “SECURITY” tab of the “My Account” menu. Locate the “Recovery codes” options.
  2. Select “Show recovery codes”. A series of unique codes will display. Store these safely; each code can be used once if you are locked out.
  3. You can use the “Copy recovery codes” button to copy your recovery codes to the clipboard.
  4. If locked out, use a single recovery code instead of the verification (2FA) code for login. After using a recovery code, consider generating a new set.
  5. If your recovery codes might be compromised or have all been used, go back to “Recovery codes” and pick “Reset recovery codes”.

    Figure 12 – Recovery codes

Note: Always save your recovery codes to a secure place! They can help you regain access to your account if you lose your mobile device or can’t access your email.

Managing Two-Factor Authentication settings

  1. Disable 2FA: To deactivate 2FA, you’ll need to provide a final 6-digit code from your authenticator app. However, remember that turning off 2FA reduces the security of your account.
  2. Reset Authenticator App: If you need to reconnect your authenticator app, use this option. It will revoke the current setup and allow you to re-establish a new connection with your mobile device. This is useful if you've changed phones or reinstalled the authenticator app.

    Figure 13 – "Disable 2FA for your Vision account" and "Reset TOTP app" action-buttons

Troubleshooting & FAQs

Benefits of using 2FA on every login

Regular use of 2FA safeguards your account against unauthorized access, ensuring a secure login experience each time. This is especially useful for Space owner and Admin accounts.

Frequently Asked Questions

What if I lose my recovery code?

Contact your space owner to reset your Vision account or, as a last resort, you can also contact Vision customer support for advanced assistance. They will guide you through the process of regaining access to your account. Remember, it’s important to keep your recovery codes in a secure location to prevent this situation. If you suspect your recovery codes might be compromised, generate a new set as soon as possible.

Do I need 2FA for every Vision login?

While the initial setup for 2FA is a one-time process, each subsequent login will prompt you for a code from your authenticator app to ensure a secure experience. However, if you select the "Don't ask again on this device" option, you won't be required to enter the verification (2FA) code on subsequent logins from that device.

What is an authenticator (TOTP) app?

Authenticator apps, like Google Authenticator or Authy, produce temporary codes for secure logins. They are 2FA's second step. Vision is compatible with most authenticator apps.

