Skip to main content

Enabling disabling or recovering two‑factor authentication 2FA

Updated over 3 weeks ago

How to Enable, Disable, or Recover Two-Factor Authentication (2FA) in PyjamaHR

Executive Summary

Two-Factor Authentication (2FA) in PyjamaHR adds an extra layer of security to your account by requiring a second verification step during login. With recent updates introducing third-party 2FA integration, all logins now require this enhanced security—protecting your data whether you access your account from multiple locations or devices. This article provides a comprehensive guide to enabling, disabling, and recovering 2FA, tailored to real customer scenarios and questions.

Detailed Overview

What is Two-Factor Authentication (2FA) in PyjamaHR?
2FA is a security feature that requires users to provide two forms of identification before accessing their PyjamaHR account. With the latest update, PyjamaHR now uses a third-party integration for 2FA, making it mandatory for all logins. This means every time you log in, you’ll need your password and a verification code from your chosen 2FA method (such as an authenticator app).

When and Why Should You Use 2FA?
- Protect sensitive recruitment data from unauthorized access.
- Access your account securely from multiple locations (e.g., working from different offices or homes).
- Comply with organizational security policies or industry regulations.

Integration with Other PyjamaHR Features
2FA works seamlessly with your existing PyjamaHR login process. It does not interfere with your ability to access features, but it does prevent simultaneous logins from multiple devices or locations using the same credentials.

Business Impact and Benefits
- Reduces risk of account compromise due to credential theft.
- Supports remote and multi-location work without sacrificing security.
- Ensures compliance with modern security standards.

Step-by-Step Guide: Enabling, Disabling, and Recovering 2FA

Prerequisites

  • Access to your PyjamaHR account.

  • A compatible third-party authenticator app (e.g., Google Authenticator, Authy).

  • Your primary device (phone or tablet) for setup.

Enabling 2FA

  1. Log in to your PyjamaHR account.

  2. Navigate to Account Settings
    - Click your profile icon in the top-right corner.
    - Select ‘Account Settings’ from the dropdown.

  3. Find the Security Section
    - Scroll to the ‘Security’ or ‘Two-Factor Authentication’ section.

  4. Click ‘Enable Two-Factor Authentication’
    - This will prompt a setup wizard.

  5. Scan the QR Code with Your Authenticator App
    - Open your authenticator app and scan the QR code displayed.
    - [Screenshot: Show QR code and where to find it in the UI]

  6. Enter the Verification Code
    - Enter the 6-digit code generated by your app.
    - Click ‘Verify’.

  7. Save Backup Codes
    - Download or copy your backup codes in case you lose access to your device.

  8. Confirmation
    - You’ll see a confirmation message that 2FA is enabled.

Disabling 2FA

  1. Go to Account Settings > Security.

  2. Click ‘Disable Two-Factor Authentication’.

  3. Enter your password and a current 2FA code to confirm.

  4. 2FA will be disabled for your account.

Recovering 2FA Access

If you lose access to your authenticator device:

  1. Use a Backup Code
    - On the login screen, click ‘Use Backup Code’ and enter one of your saved codes.

  2. If You Don’t Have Backup Codes:
    - Click ‘Can’t access your 2FA device?’ on the login screen.
    - Follow the prompts to verify your identity (may require contacting support).

  3. Contact PyjamaHR Support
    - If you’re unable to recover access, contact support with your registered email and details.

Advanced Usage & Best Practices

  • Multiple Locations:
    You can log in from different locations (e.g., home and office in Delhi) as long as you’re not logging in simultaneously from both places.

  • Do Not Share Credentials:
    Sharing your login details is against best practices and may trigger security alerts or lockouts.

  • Backup Codes:
    Always store backup codes securely offline. These are your lifeline if you lose your device.

  • Authenticator App Choice:
    Use a reputable authenticator app; avoid SMS-based 2FA for higher security.

  • Update 2FA Device Promptly:
    If you change or lose your phone, update your 2FA settings immediately.

Troubleshooting & Common Issues

Common Scenarios

  • Accessing from Multiple Locations:
    You can use your account from different places (e.g., Dwarka and Paschim Vihar) as long as you’re not logged in at the same time from both.

  • Simultaneous Logins:
    Simultaneous logins from different devices/locations with the same credentials are not supported and may result in access issues.

  • Lost Authenticator Device:
    Use backup codes or contact support for recovery.

  • Repeated 2FA Prompts:
    Ensure you’re not sharing credentials or logging in from multiple devices at once.

Error Messages & Solutions

  • “Invalid 2FA code”

  • Ensure your device time is correct.

  • Try re-syncing your authenticator app.

  • “2FA required for login”

  • 2FA is now mandatory; follow the setup steps above.

  • “Account locked due to suspicious activity”

  • Contact support for assistance.

Comprehensive FAQ

  1. Can I use my PyjamaHR account from two different locations?
    Yes, as long as you’re not logged in simultaneously from both.

  2. Will my account be blocked if I log in from different places in the same city?
    No, location changes are fine; simultaneous logins are not.

  3. What if I lose my phone with the authenticator app?
    Use backup codes or contact support to recover access.

  4. Can I disable 2FA after enabling it?
    Yes, via Account Settings > Security.

  5. Is 2FA mandatory for all users?
    Yes, with the new third-party integration, all logins require 2FA.

  6. Can I share my credentials with a colleague?
    No, sharing credentials is not recommended and may cause access issues.

  7. What authenticator apps are supported?
    Any standard TOTP-based app (e.g., Google Authenticator, Authy).

  8. How do I update my 2FA device?
    Disable 2FA, then re-enable it with your new device.

  9. What if I enter the wrong 2FA code multiple times?
    You may be temporarily locked out; wait and try again or contact support.

  10. Do I need internet access for 2FA?
    Only for initial setup and login; authenticator apps work offline.

  • Single Sign-On (SSO):
    Consider enabling SSO for streamlined access with 2FA.

  • User Access Management:
    Review user permissions and access logs for enhanced security.

  • Audit Logs:
    Monitor login attempts and security events in the Audit Logs section.

Related Articles:
- How to Reset Your PyjamaHR Password
- Managing User Access and Permissions
- Security Best Practices for PyjamaHR

Still need help?
If you encounter any issues not covered here, please contact PyjamaHR Support with your registered email and a detailed description of your issue.

Keywords:
2FA, two-factor authentication, enable 2FA, disable 2FA, recover 2FA, login from multiple locations, PyjamaHR security, authenticator app, backup codes, account recovery

Did this answer your question?