How do I secure my account using multi-factor authentication

Multi-factor authentication (MFA) is a security enhancement that requires you to present two pieces of evidence - your credentials - upon signing in. These credentials can be something you know such as your password, and something you have such as an application that generates a one-time passcode. MFA helps protect access to data and applications by adding an extra layer of security.

You have probably already used MFA in some form or another. For example, if you logged into a website that sent a code to your mobile device which you used to gain access to your account.

Note: If your VMware Cloud Services account is federated, MFA is managed by your enterprise security team.

To secure your VMware Cloud Services account with MFA, you download an authentication application to your mobile device. This creates a virtual MFA device. The application generates a six-digit authentication code that is compatible with the time-based, one-time password standard. You use this code together with your VMware ID and password to log in to cloud services.

When you set up MFA for your account, you receive a set of 10 recovery codes. Save these codes to a safe place. You'll need them to sign in if you don't have your MFA device near by, or if you have lost it.


How do I?
Activate my MFA device.	Click your user name on the menu, and select My Account > Security. Click Activate MFA Device, and follow the instructions to set up your device. MFA is turned on automatically. The next time you sign in, use your VMware ID and password, and an authentication code generated by the app.
Turn off MFA so I sign in with my VMware ID and password only.	Click your user name on the menu, and select My Account > Security. Click the MFA is turned on toggle key.
Deactivate my MFA device.	Click your user name on the menu, and select My Account > Security. Click Deactivate MFA Device.
Regenerate my recovery codes	You can regenerate a new set of recovery codes at any time by accessing My Account > Security.

What two-factor authentication application can I use?

VMware Cloud services support the following two-factor authentication applications.

You can download the authenticator for your device by clicking the appropriate link below.


Device	Authentication application
iOS	Google Authenticator. See, https://itunes.apple.com/us/app/google-authenticator/id388497605?mt=8. Duo Mobile. See, https://duo.com/product/trusted-users/two-factor-authentication/duo-mobile.
Android	Google Authenticator. See, https://support.google.com/accounts/answer/1066447?hl=en. Duo Mobile. See, https://duo.com/product/trusted-users/two-factor-authentication/duo-mobile.
Windows phone	Authenticator. See, https://www.microsoft.com/en-us/store/p/authenticator/9wzdncrfj3rj?rtc=1. Duo Mobile. See, https://duo.com/product/trusted-users/two-factor-authentication/duo-mobile.
Blackberry	Google Authenticator See, https://support.google.com/accounts/answer/1066447.

For more information about virtual MFA applications, see https://tools.ietf.org/html/rfc6238.

What actions can I take when I can't log in with MFA

When you activate MFA in VMware Cloud services, you receive a set of 10 recovery codes. You can copy these codes, download them and even print them, but you must save them to a safe place.

How do I troubleshoot MFA when I can't sign in

When you activate MFA in VMware Cloud services, you receive a set of 10 recovery codes. You can copy these codes, download them and even print them, but you must save them to a safe place.

If you experience issues signing in to VMware Cloud services, you can use a recovery code.


If...	Do this...
I don't have access to my MFA device or the device has been lost	On the VMware Cloud Services sing-in page, click the Troubleshoot MFA link. When prompted, enter one of the recovery keys.
I can't find my recovery codes	Contact VMware Support by calling a support phone number or by accessing the Login Chat Support on VMware Customer Connect.