Setting up Two-Factor Authentication

Two-factor authentication (2FA) is a security measure that adds an additional step for your login process to protect your account. It requires you to enter your login credentials along with a secondary authentication code such as a pin that an authenticator sends to your phone.

Enable 2FA

Enabling 2FA is completely optional, but highly recommended because your program contains sensitive information about potential vulnerabilities and bugs that affect your organization.

To enable 2FA for your account:

  1. Click your profile pic and then click Security.

    security

  2. Click Two-factor authentication on the left side.

    click two-factor authentication

  3. Follow the three step process as directed on the screen and then click Enable 2FA.

    two-factor authentication page

    After you enable 2FA, you will be prompted to provide your authentication code each time you log in to Crowdcontrol.

    Check marks are provided to indicate which team members have their Two Factor Authentication (2FA) enabled. Also, allows you to note who on your team must turn on their 2FA to be protected.

    bounty-analyst

    Using SAML as a means of authentication can leverage 2FA through their provider and not the platform. Hence, the check next to SAML authenticated users is not displayed.

Logging in Using 2FA

If 2FA is enabled for your account, then each time you log in, you will be prompted to provide the authentication code (generated on your device) along with your username and password.

Disabling 2FA

  1. On the Security tab, click Two-factor authentication on the left side .

    click two-factor authentication

  2. Click Disable two-factor authentication.

    disable-2fa

    2FA is disabled for your Bugcrowd account and you will be redirected to the Login page. When you log in to Bugcrowd, you will not be prompted to provide the authentication code.

    If it is a new phone or phone is lost, submit a support ticket through the Bugcrowd Support Portal immediately.


Onboarding
Account Management
Security Program Management
Engagement Management
Reporting
Submission Management
Integration Management