Two factor authentication

Protecting the accounts of users that log in to your websites is essential. Two factor authentication (TFA) is required for Drupal 9 SaaS sites. We highly recommend you ‘opt in’ to use TFA for Drupal 7 and 8 websites on the SaaS platform, and configure it for any version of Drupal running on the PaaS platform.

Two factor authentication is one of the most effective controls you have to prevent unauthorised access to accounts on your website. If your site allows members of the public to login two factor authentication is even more important. Two factor authentication is not mandatory, but we strongly recommend organisations start using this feature. Instructions on how to set up two factor authentication are available on the GovCMS Service Desk knowledge base or on the GovCMS online communities.

If you no longer have access to your two factor authentication (TFA) or your one-time use recovery codes, your Site Admin will be able to reset this on your profile. If you are a Site Admin, you will need to raise a ticket with the GovCMS Service Desk.

This page was last updated on Wednesday 1 September 2021