Account Security - Two-Factor Authentication & Trusted Devices

How to Manage Your Account Security

Protect your Infodeck account with two-factor authentication (2FA) and manage your trusted devices.

Quick Summary

Go to your Profile icon → Account Security tab to enable 2FA and manage trusted devices.

---

Before You Begin

Note

These are your personal security settings. If your organization has enforced mandatory 2FA, you cannot disable it. See Organization Security for org-wide settings.

---

What is Two-Factor Authentication?

Two-Factor Authentication (2FA) adds an extra layer of security to your account. When enabled:

1. You enter your password as usual
2. A 6-digit code is sent to your email
3. You enter the code to complete sign-in

This means that even if someone gets your password, they can't access your account without also having access to your email.

---

Step-by-Step: Enable 2FA

Step 1: Open Account Security

1. Click your Profile icon in the top right corner
2. Select My Profile
3. Click the Account Security tab

Step 2: Enable Two-Factor Authentication

1. Find the Two-Factor Authentication section
2. Look for Email Verification
3. Click the toggle switch to turn it ON

Step 3: Verify Your Email

1. A verification code is sent to your registered email
2. Enter the 6-digit code in the prompt
3. Click Verify

Success

You'll see a confirmation: "2FA enabled successfully"

Step 4: Save Recovery Information (Recommended)

After enabling 2FA:

• Note down your registered email address
• Ensure you have reliable access to this email
• Consider adding a backup email to your account

---

Step-by-Step: Disable 2FA

caution

If your organization requires mandatory 2FA, you cannot disable it. The toggle will be locked with a message explaining this.

Step 1: Open Account Security

1. Click your Profile icon in the top right corner
2. Select My Profile
3. Click the Account Security tab

Step 2: Disable Two-Factor Authentication

1. Click the toggle switch to turn it OFF
2. Confirm your choice when prompted
3. You may need to enter a verification code

Organization Policy

If you see "Two-Factor Authentication is mandatory for your organization," you cannot disable 2FA. This setting is managed by your administrator.

---

Managing Trusted Devices

When you sign in with 2FA, you can choose to "trust" a device. Trusted devices skip the 2FA code on future logins.

What is a Trusted Device?

A trusted device is a browser/device combination where you've chosen to remember your 2FA verification. This makes signing in faster while still keeping your account secure.

Viewing Trusted Devices

1. Go to Profile → Account Security
2. Scroll down to Trusted Devices
3. See all devices you've marked as trusted

Information Shown

Detail	Description
Device name	Browser and operating system
Last used	When you last signed in from this device
Location	Approximate location (if available)

Removing a Trusted Device

If you lose a device or want to revoke access:

1. Go to Profile → Account Security
2. Find the device in Trusted Devices
3. Click Remove next to the device
4. The device will need to verify with 2FA on next login

---

Real-World Examples

Example 1: Enable 2FA for Your Account

Situation: You want to add extra security to your Infodeck account after hearing about password breaches in the news.

Solution:

1. Go to Profile → Account Security
2. Turn on the Email Verification toggle
3. Enter the verification code sent to your email
4. Your account is now protected with 2FA

Result: Even if someone discovers your password, they can't sign in without access to your email.

---

Example 2: Trust Your Work Computer

Situation: You sign in to Infodeck multiple times daily from your office computer and don't want to enter 2FA codes every time.

Solution:

1. Sign in to Infodeck as usual
2. Enter the 2FA code from your email
3. Check the box "Trust this device"
4. Complete sign-in

Result: Your work computer is now trusted. Future logins from this device won't require 2FA codes.

---

Example 3: Remove a Lost Device

Situation: You lost your laptop and want to ensure no one can access your Infodeck account from it.

Solution:

1. Sign in to Infodeck from another device
2. Go to Profile → Account Security
3. Find your lost laptop in Trusted Devices
4. Click Remove to revoke trust

Result: If anyone tries to use your account from the lost laptop, they'll need to enter a 2FA code (which only you can receive).

---

Example 4: Organization Enforces 2FA

Situation: You try to disable 2FA but the toggle is locked.

Solution:

1. Look for the message: "Two-Factor Authentication is mandatory for your organization"
2. This means your admin has enforced 2FA for everyone
3. You cannot disable 2FA while this policy is active
4. Contact your admin if you have concerns

Result: Your account remains protected by your organization's security policy.

---

Understanding the 2FA Process

When You Sign In

1. Enter email and password
         ↓
2. If 2FA is enabled:
   - Trusted device? → Skip to step 4
   - Not trusted? → Continue to step 3
         ↓
3. Enter 6-digit code from email
         ↓
4. Sign in successful

Code Details

Detail	Value
Code format	6 digits
Valid for	10 minutes
Delivery	Email to your registered address
Request new code	Click "Resend code" if needed

---

Troubleshooting

Can't Enable 2FA

Issue	Cause	Solution
Toggle disabled	Organization policy	2FA may already be enforced
Error during setup	Invalid code	Request a new code, check spam folder

Not Receiving 2FA Codes

Issue	Cause	Solution
No email	Spam filter	Check spam/junk folder
Delayed email	Server load	Wait 1-2 minutes, try "Resend code"
Wrong email	Incorrect registration	Contact admin to update email

Can't Disable 2FA

Issue	Cause	Solution
Toggle locked	Organization mandate	Admin has enforced 2FA for all users
"Cannot disable" message	Policy active	Contact admin if you need exception

Device Not Showing as Trusted

Issue	Cause	Solution
Must enter code every time	Didn't check "Trust"	Enable trust on next login
Trust expired	Browser cleared cookies	Re-trust the device
Different browser	Trust is browser-specific	Trust each browser separately

---

Security Best Practices

Do's

Practice	Benefit
Enable 2FA	Protects against password theft
Trust only your personal devices	Limits access to devices you control
Review trusted devices regularly	Remove old or unused devices
Keep your email secure	2FA relies on email access

Don'ts

Practice	Risk
Trust public computers	Anyone could access your account
Share verification codes	Defeats the purpose of 2FA
Ignore 2FA emails you didn't request	Could indicate attempted breach

---

Related Articles

• Organization Security
• Settings Overview
• How to Navigate Infodeck

---

Need help? Contact Infodeck Support