Two-factor authentication (2FA) is a security measure that adds an additional step for your login process to protect your account. It requires you to enter your login credentials along with a secondary authentication code such as a pin that an authenticator sends to your phone.
Enabling 2FA is completely optional, but highly recommended because your program contains sensitive information about potential vulnerabilities and bugs that affect your organization.
To enable 2FA for your account:
Click your profile pic and then click Security.
Click Two-factor authentication on the left side.
Follow the three step process as directed on the screen and then click Enable 2FA.
After you enable 2FA, you will be prompted to provide your authentication code each time you log in to Crowdcontrol.
Check marks are provided to indicate which team members have their Two Factor Authentication (2FA) enabled. Also, allows you to note who on your team must turn on their 2FA to be protected.
Using SAML as a means of authentication can leverage 2FA through their provider and not the platform. Hence, the check next to SAML authenticated users is not displayed.
Logging in Using 2FA
If 2FA is enabled for your account, then each time you log in, you will be prompted to provide the authentication code (generated on your device) along with your username and password.
On the Security tab, click Two-factor authentication on the left side .
Click Disable two-factor authentication.
2FA is disabled for your Bugcrowd account and you will be redirected to the Login page. When you log in to Bugcrowd, you will not be prompted to provide the authentication code.
If it is a new phone or phone is lost, submit a support ticket through the Bugcrowd Support Portal immediately.