If your Organisation’s Account Owner has enabled Two-Factor Authentication (2FA) enforcement, you will be prompted to set it up when logging into your ApprovalMax account.
Click on Set up two-factor authentication:
Download an Authenticator app on your smartphone.
Suitable Authenticator applications are:
Do not delete the Authenticator app after installation. You will need it to log in to the system using 2FA.
Scan the QR code with your authenticar app and click on Proceed:
Please note: it is important to finalise the 2FA setup: if you return to a previous page or close an active page during the 2FA setup, you’ll need to delete the previously added authentication record and set up a new one from scratch.
Enter the code from your Authenticator app and click on CONTINUE:
Choose an alternative 2FA option by selecting either Backup email or Backup codes (make sure to securely save your backup codes for future use) and click on Proceed:
Once you have setup your alternative 2FA option click on DONE:
Troubleshooting Wrong Code messages
You may get a Wrong Code message when you enter a 2FA code. There are several possible reasons for this:
The code you entered has expired, so you just need to enter a new one during the validity period.
You might have entered a code from an Authenticator app that hasn’t been configured to be used for ApprovalMax.
You returned to a previous page / closed an active page during the 2FA setup. This makes the code generated for the QR code you scanned earlier (authentication record) invalid. If this is the case, you’ll need to delete the previously added authentication record and set up a new one from scratch.
You entered an incorrect 2FA codes multiple times in a row, your account will be temporarily locked for 30 minutes as a security precaution. Any additional attempts during the cooldown period will reset and extend the period.
When the 2FA setup has been completed, you can use the Trust this Device feature that allows you to designate a specific device as trusted during the login process.
When enabled, this feature provides you with the convenience of bypassing the usual two-factor authentication (2FA) process on subsequent logins from the trusted device:
The Trust this Device feature is designed to strike a balance between user convenience and security. By allowing trusted devices, users are not burdened with repetitive 2FA steps during subsequent logins from those trusted sources. However, this feature should be used with caution and only on personal or secure devices to prevent unauthorised access to accounts.
Alternatively, you can pass the authentication flow through your SSO provider. This option does not require users to set up 2FA, even though it is supposed to be enforced.
Please also watch our how-to video on How to enable two-factor authentication for your ApprovalMax account: