Your servers connected to RunCloud are secure, but keeping your RunCloud account itself secure is also incredibly important. We always highly recommend using two-factor authentication.
Understanding Two-Factor Authentication (2FA)
Two-Factor Authentication (2FA) is a security measure that requires two types of credentials for authentication, and is designed to provide an additional layer of validation, minimizing security breaches. Here’s how to enable two-factor authentication on your account.
First, head over to the Settings page by clicking the Settings menu item in the sidebar menu, as shown below:
Or alternatively, by clicking Settings in your user menu:
Once you’ve made your way to your RunCloud settings, head to the Authentication options:
This is where you can manage all settings related to authentication.
At the bottom, if you haven’t already enabled two-factor authentication, you’ll see the option to enable two-factor authentication.
To enable it, click that button, and you’ll be shown a series of instructions:
The process is relatively straightforward if you’re familiar with two-factor authentication.
You can either:
- Scan the QR code shown using Authy, LastPass Authenticator (or similar solutions)
- Enter the code shown underneath the QR code in Authy, LastPass Authenticator, etc.
After you have done this, you will be shown a six-digit code. You will need to enter this in the third step before you can enable two-factor authentication for your account.
And that’s all – your account is now using two-factor authentication!
You’ll now also be able to:
- Download recovery codes in the event that you lose access to your 2FA device, as this would prevent you from logging in to your account. We highly recommend doing this.
- Entering a phone number to enable two-factor authentication as a fallback form of authentication. We also highly recommend doing this.
FAQs
Why am I Receiving a Message about 2FA?
Our security research team has noticed ongoing attacks, and we’ve received reports of user accounts being taken over and held ransom. To protect your account, we recommend enabling either 2FA or Whitelist IP – or both. This is a precautionary measure for your safety.
Why is 2FA Mandatory on RunCloud?
Given the recent uptick in security threats, we have made it mandatory for all users to use 2FA starting from March 2024. This measure will significantly enhance the security of your account, and will reduce the number of successful hacking attempts.
What if I don’t Enable 2FA or Whitelist IP on RunCloud?
We highly recommend enabling MFA or whitelisting login IPs for the sake of your account’s security. If not enabled, your account will be at a higher risk of security breaches.
I didn’t Receive an Email Code
If you do not receive the email containing the code immediately, please be patient. Email delivery times can vary. It usually takes less than a minute to receive an email, but if you haven’t received it within 5 minutes then please check your spam box.
While you wait for your email, please do not refresh your RunCloud MFA setup screen. Refreshing the page will not expedite this process, and may even result in additional emails being sent to your inbox, which will lead to confusion.
RunCloud MFA QR Code is Not Working
The QR code displayed on your screen is unique for each page load. This means if you refresh your RunCloud dashboard then you will get a different QR code.
If you have already scanned a QR code in your authenticator app such as Authy, Google Authenticator, etc. and refreshed the RunCloud dashboard before clicking submit, then please delete the old QR code from your authenticator app and scan the new code displayed on your screen.
If you have any other questions or need help – please feel free to get in touch with our 24/7 support team. We’re here to help!