Two-Factor Authentication

Last modified: February 14, 2024

1 Introduction

Mendix Cloud provides two-factor authentication (2FA) to help secure your account. 2FA requires you to identify yourself using your password as well as a second authentication mechanism.

This extra layer of authentication is required when you perform sensitive activities on Mendix Cloud nodes, such as deploying packages and handling production data. Actions that require 2FA are indicated by a padlock icon in the Developer Portal. For example, switching to the production environment requires 2FA.

To use 2FA, you need to have access to your mobile phone and an active session in the Mendix Developer Portal.

2 Setting Up and Using 2FA

To set up 2FA, you first need to perform an action that requires 2FA. For example, on the Environments page of your app, you could click Details on the production environment.

Then, choose one of the two authentication methods: authentication via SMS or authentication via an authenticator app. Instructions for both authentication methods are provided below.

Once 2FA is set up, whenever you perform an action that requires 2FA, you will receive an authentication code via the authentication method you have configured. You can then provide this code in the Developer Portal to authenticate yourself.

Whenever you authenticate yourself using 2FA, your browser session will be authorized to complete sensitive operations for the next eight hours.

2.1 Authenticating with SMS

For this 2FA method, you need a phone number connected to a mobile phone or other device that can receive SMS messages.

2.1.1 SMS Setup

To set up 2FA with SMS, follow this process:

  1. Click Use SMS in the dialog box that opens the first time you perform an action that requires 2FA.

  2. Enter a phone number to which SMS messages can be sent. Click Send text message.

  3. Check your text messages to retrieve the verification code. Enter the code and click Activate.

2.1.2 SMS Authentication

Once you have 2FA configured to use SMS, you can use it to complete sensitive operations in the Developer Portal. When you perform an operation that requires 2FA, you can send an authentication code to your mobile phone.

Then, authenticate yourself by entering the authentication code from the text message.

2.2 Authenticating with an Authenticator App

2.2.1 Authenticator App Setup

To set up 2FA with an authenticator app, follow this process:

  1. Click Use Authenticator in the dialog box that opens when you use 2FA for the first time.

  2. Follow the setup steps outlined in the Authenticator dialog box:

    1. Download a client – Install and open an authenticator app on your mobile phone.
    2. Set up your authenticator – Add an account in your authenticator app, using the provided key or QR code.
    3. Enter a code – In the Authenticator dialog box, enter the code from your authenticator app.
    4. Click Activate.

Your account is now secured with 2FA and ready to use.

2.2.2 Authenticator App Authentication

Once you have 2FA configured to use an authenticator app, you can use it to complete sensitive operations in the Developer Portal. When you perform operations that require 2FA, you can use your authenticator app to get a six-digit code that is valid for 60 seconds. You will need to enter that code in the Developer Portal to authenticate yourself.
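
The page does not say how authenticator codes are computed. The following added example (not Mendix code) assumes the standard TOTP scheme from RFC 6238 with a 30-second step and a verifier that also accepts the previous step, which gives a six-digit code a lifetime of up to 60 seconds. The secret is the RFC test key, and the function names `totp` and `verify` are hypothetical.

```python
import base64
import hashlib
import hmac
import struct

# Constructed sample: the RFC 4226/6238 test key "12345678901234567890" in
# Base32, the form a setup key or QR code usually carries.
SECRET = "GEZDGNBVGY3TQOJQGEZDGNBVGY3TQOJQ"


def totp(secret_b32, at, step=30, digits=6):
    """Code for the time step containing Unix time `at` (HMAC-SHA1, RFC 6238)."""
    padded = secret_b32.upper() + "=" * (-len(secret_b32) % 8)
    key = base64.b32decode(padded)
    mac = hmac.new(key, struct.pack(">Q", at // step), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F  # dynamic truncation from RFC 4226
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)


def verify(secret_b32, code, now, last_used_step=-1, step=30, back=1):
    """Return the time step the code matches, or None.

    Accepts the current step and `back` earlier steps (assumed policy), and
    rejects any step at or before `last_used_step` so a code cannot be replayed.
    """
    current = now // step
    for s in range(current, current - back - 1, -1):
        if s < 0 or s <= last_used_step:
            continue
        expected = totp(secret_b32, s * step, step, len(code))
        # Constant-time comparison avoids leaking how many digits matched.
        if hmac.compare_digest(expected.encode(), code.encode()):
            return s
    return None


if __name__ == "__main__":
    code = totp(SECRET, 59)  # code shown during seconds 30..59
    for t in (59, 89, 90):   # accepted until second 89, rejected from 90
        print(t, code, verify(SECRET, code, t))
```

A verifier should store the returned step as `last_used_step` for the account so that the same code is refused if it is submitted a second time within its lifetime.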

3 Changing Your Authentication Method

To change your 2FA method, phone number, or authenticator app, you need to deactivate your 2FA and then set it up again with your new details.

To deactivate your 2FA, go to User Settings > Developer Settings. Then, in the Two-Factor Authentication (2FA) section, click Deactivate.

In the dialog box that opens, confirm that you want to deactivate your 2FA. This sends a verification email to your registered email address; click the Deactivate 2FA link in the email to complete the deactivation process. The email link is valid for several minutes; if it expires before you use it, you can repeat this process to get a new link.

Once your 2FA is deactivated, your Developer Settings will show the following message:

You can reactivate your 2FA by triggering any action that requires 2FA. Then, set up your new authentication method using the setup steps outlined on this page.
