Oracle Cloud Infrastructure Documentation

Managing 2-Step Verification

2-Step Verification is an authentication method that requires you to use more than one way of verifying your identity, providing a second layer of security to your account.

When you sign in to an identity domain, you’re prompted for your user name and password, which is the first factor. You then might be required to provide a second type of verification. Providing a second type of verification is called 2-Step Verification. The two factors work together to add an additional layer of security by using either additional information or a second device to verify your identity and complete the sign-in process.

Set up 2–Step Verification for your account either during 2–Step Verification enrollment or using the 2–Step Verification page from the self-service console. Also, use the 2–Step Verification page to perform tasks such as enabling and disabling 2–Step Verification, setting up authentication methods, trusting a device, and generating bypass codes.

Enrolling in 2–Step Verification During 2–Step Verification Enrollment

Use the following tasks in the table as guide when enrolling in 2–Step Verification during 2–Step Verification enrollment.
Task Description Additional Information

Enroll in 2–Step Verification for Your Account

Learn how to enroll in 2–Step Verification during 2–Step Verification enrollment and the authentication methods available to you.

Setting Up 2–Step Verification During Enrollment

Add Backup Verification Methods

Learn how to add backup verification methods for your account when you enroll in 2–Step Verification.

Adding Backup Verification Methods

Trust a Device

Learn how to trust a device when you enroll in 2–Step Verification.

Trusting a Device

Set a Default Verification Method

Learn how to set a default verification method when you enroll in 2–Step Verification.

Setting a Default Verification Method

Setting up 2–Step Verification Using the 2–Step Verification Page

Use the following tasks in the table when setting up 2–Step Verification for your account from the 2–Step Verification page in the self-service console.
Task Description Additional Information

Adding a 2–Step Verification Method

Learn how to add 2–Step Verification methods on the 2–Step Verification page and the authentication methods that are available to you.

Configuring an Additional 2–step Verification Method

Removing a 2–Step Verification Method

Learn how to remove 2–Step Verification methods on the 2–Step Verification page.

Removing a 2–Step Verification Method

Renaming a 2–Step Verification Method

Learn how to rename a 2–Step Verification method on the 2–Step Verification page.

Renaming a 2–Step Verification Method

Managing Security Questions

Learn how to set up and manage security questions on the 2–Step Verification page.

Managing Security Questions

Generating a Bypass Code

Learn how to generate bypass codes on the 2–Step Verification page.

Generating a Bypass Code

Using a Bypass Code

Learn how to use a bypass code.

Using a Bypass Code

Removing a Trusted Device

Learn how to remove a trusted device on the 2–Step Verification page.

Removing a Trusted Device

Setting Up 2–Step Verification During Enrollment

2-Step Verification is an authentication method that requires you to use more than one way of verifying your identity, providing a second layer of security to your accounts.

After you enter your user name and password at the login page, you use a second verification method, such as a passcode that is sent as an SMS to your mobile device. Second verification methods prevent anyone but you from logging in, even if they know your password. You can set up 2-Step Verification for your account during 2-Step Verification enrollment or using the My Profile console independent of enrollment. This section covers the steps to set up authentication methods during enrollment, and also the steps required to use those methods to verify your identity during sign-in.

The following 2–Step Verification methods are supported:

  • Text Message (SMS)
  • Mobile App OTP and Notifications
  • Security Questions
  • Email

Changing Your Default Verification Method During Enrollment

You can change your default verification method when you sign in.

  1. Enter your username and password in an MFA-protected environment.
    The 2-Step Verification page appears, and then you are prompted for your second verification method.
  2. Click Show alternative login methods. All 2–Step Verification methods that you are enrolled in appear in the Alternative login methods section.
  3. Select a different verification method. You are then prompted to enter the required verification for that method.
  4. Enter the required verification.
  5. Select the Make this my default method check box to set this 2-Step Verification method as your default. The next time that you sign in, you are prompted to verify your identity using this method of verification.

Setting up a Mobile Number

Enroll your mobile number as a 2–Step Verification method.

When multi-factor authentication (MFA) is enabled, the first time that you sign in, the Select Your Default 2-Step Verification Method flow appears after you enter your user name and password.
  1. Enter your username and password in an MFA-protected environment.
  2. On the Enable 2-Step Verification introduction page, click Enable 2-Step Verification.
    The authentication methods available to you appear on the Select Your Default 2-Step Verification Method page.
  3. Click Mobile SMS.
  4. Enter the mobile number where you want to receive the passcode, and then click Send Passcode.
    An SMS passcode is sent to your mobile device.
  5. Enter the passcode into the Passcode box, and then click Verify Mobile Device.

    The Successfully Enrolled page appears.

    If you do not receive a text, click Resend.

  6. (Optional) To set up an additional method during enrollment, select another method from the bottom of the page, and then complete the enrollment process for that method. Alternatively, you can set up additional methods later using the Security tab in the My Profile console.
  7. Click Done.

Setting up the Oracle Mobile Authenticator App

Enroll the Oracle Mobile Authenticator (OMA) app as a 2–step verification method.

When multi-factor authentication (MFA) is enabled, the first time that you sign in, the Select Your Default 2-Step Verification Method flow appears after you enter your user name and password.
  1. Enter your username and password in an MFA-protected environment.
  2. On the Enable 2-Step Verification introduction page, click Enable 2-Step Verification.
    The authentication methods available to you appear on the Select Your Default 2-Step Verification Method page.
  3. Click Mobile App.
    You are prompted to download the Oracle Mobile Authenticator app from the app store.
  4. After you install the OMA app, you need to link it to an account. You can add an account three ways:
    1. Scan the Quick Response (QR) code
    2. Enter the key manually
    3. Use the enrollment URL
    After you add the account using one of these methods, OMA app enrollment is complete.

Setting up a Third-Party Authenticator App

Enroll a third-party authenticator app as a 2–Step Verification method.

When multi-factor authentication (MFA) is enabled, the first time that you sign in, the Select Your Default 2-Step Verification Method flow appears after you enter your user name and password.
  1. Enter your username and password in an MFA-protected environment. />
    The 2-Step Verification page appears, and then you are prompted for your second verification method.
  2. On the Enable 2-Step Verification introduction page, click Enable 2-Step Verification.
    The authentication methods available to you appear on the Select Your Default 2-Step Verification Method page.
  3. Click Mobile app, and then follow the instructions.
  4. Scan the offline version of the Quick Response (QR) code that appears for use with third-party authenticators. If you can’t scan the QR code, you are also given the option enter the key manually. You can use either option with the third-party authenticator app. We recommend using the Oracle Mobile Authenticator as it supports notifications and many important security features.
  5. After set up is complete on the Authenticator app, a one-time passcode (OTP) appears for your account in the third-party authenticator app. Enter that OTP on the Enable 2-Step Verification page, and then click Verify.
    The Successfully Enrolled page appears.
  6. Click Done.
    To set up an additional method during enrollment, select another method from the bottom of the page, and then complete the enrollment process for that method. Alternatively, you can set up additional methods later using the Security tab in the My Profile console.

Setting up Security Questions

Enroll in the security questions 2–Step Verification method.

When multi-factor authentication (MFA) is enabled, the first time that you sign in, the Select Your Default 2-Step Verification Method flow appears after you enter your user name and password.
  1. Enter your username and password in an MFA-protected environment. />
    The 2-Step Verification page appears, and then you are prompted for your second verification method.
  2. On the Enable 2-Step Verification introduction page, click Enable 2-Step Verification.
    The authentication methods available to you appear on the Select Your Default 2-Step Verification Method page.
  3. Click Security questions.
    The number of security questions that you are required to answer appear.
  4. Select the questions, and then provide your answers.
  5. (Optional) Enter answer hints. The answer and the hint can’t be the same.
    The hint appears as a tooltip when you are using security questions as your second authentication method.
  6. Click Save.
    The Successfully Enrolled page appears.
  7. Click Done.
    To set up an additional method during enrollment, select another method from the bottom of the page, and then complete the enrollment process for that method. Alternatively, you can set up additional methods later using the Security tab in the My Profile console.

Setting up a Recovery Email or Another Email

Enroll your email as your 2–Step Verification method.

Note

Depending on how your administrator has configured your email settings, you might see either Recovery Email, or Email, or both as 2–Step Verification options.
When multi-factor authentication (MFA) is enabled, the first time that you sign in, the Select Your Default 2-Step Verification Method flow appears after you enter your user name and password.
  1. Enter your username and password in an MFA-protected environment.
  2. On the Enable 2-Step Verification introduction page, click Enable 2-Step Verification.
    The authentication methods available to you appear on the Select Your Default 2-Step Verification Method page.
  3. Click Recovery Email or Email.
    A one-time passcode is sent to your primary email address.
  4. Enter the passcode into the Code box, and then click Verify Email Address.
  5. (Optional) To set up an additional method during enrollment, select another method from the bottom of the page, and then complete the enrollment process for that method. Alternatively, you can set up additional methods later using the Security tab in the My Profile console.
  6. Click Done.