
Two-factor authentication

What is two-factor authentication (2FA)?

How does it work?

Questions 

 

What is two-factor authentication (2FA)?

 

Two-factor authentication (also called “two-step verification”) protects your account by requiring two different methods to access it:

  • your username and password;
  • as well as an additional code (via a QR code or a code sent by email).

 

Two-factor authentication is a security measure that significantly strengthens the safety of your AssessFirst account.

Even if a third party were to obtain your AssessFirst username and password, they wouldn't be able to access your account because they wouldn't have access to the security code sent by email or text.

 
Setting up two-factor authentication (2FA) via an authentication app applies to the following roles when 2FA is enabled for the company:
  • Admin
  • Recruiter
  • Manager

 

Two-factor authentication is not required if you log in via custom SSO.

 

How does it work?

 

Setup During First Login 

The first time you log in after your administrator has enabled 2FA, if you haven’t yet set up an authentication app, a setup screen will appear automatically.

On the setup screen, you have two options for linking your authentication app: 
 
  • Scan the QR code: Open your authentication app and scan the QR code displayed on the screen.
  • Enter the activation code manually: An activation code is available below the QR code. You can copy it to your clipboard by clicking the icon next to the code.

 


Once activation is confirmed, a recovery code is automatically generated and saved. Be sure to keep it in a safe place.

 

Enter and verify the TOTP code

After linking your app, enter the 6-digit code generated by the app. 

The confirmation button will remain disabled until you have entered exactly 6 digits.

 
 
If the code you entered is incorrect or has expired:
  • an error message will appear directly below the input field
  • you will remain on the configuration screen
  • you must generate a new code from your application and re-enter it 
 


Logging in with a recovery code 

 
The recovery code format is as follows: 10 characters, a hyphen, 10 characters (XXXXXXXXXX-XXXXXXXXXX).

The confirmation button is disabled if the code is too short, lacks a hyphen, or uses an incorrect separator.
 
 
 

Each recovery code is single-use. After a successful login, the old code is invalidated and a new recovery code is automatically generated.

 

Sign in with an email code 

An email containing a 6-digit code will be sent to you. Enter it on the dedicated screen and click the “Confirm” button.
The confirmation button is disabled until you have entered exactly 6 digits.

 
Remember this device

 
A “Remember this device for 30 days” checkbox is available on the TOTP and email code login screens. It is unchecked by default.

Depending on your choice: 
  • If you checked this box and successfully logged in, a cookie is created on your device that expires in 30 days. The two-factor authentication step will be skipped during your next logins on this device.
  • If you did not check the box: no cookie is created, and two-factor authentication will be required for every login.
 

Questions

 

My TOTP code is being rejected. What should I do?

TOTP codes expire every 30 seconds. If your code is rejected:

  • Wait for the next code to be generated in your app.

  • Make sure your phone's time is set to sync automatically.

  • If the problem persists, contact your administrator.
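
Why the phone's clock matters, as an added example (not AssessFirst's code): this Python sketch implements standard TOTP (RFC 6238) with the 30-second step and 6 digits described above, and checks codes produced by a phone whose clock is ahead of or behind the server. HMAC-SHA1, the tolerance of one step either side, and the test secret are assumptions; the page does not state the service's actual settings.

```python
import hashlib
import hmac
import struct

STEP = 30    # seconds each code is valid for, as stated above
DIGITS = 6   # code length, as stated above

def totp(secret: bytes, unix_time: float) -> str:
    """RFC 6238 TOTP with HMAC-SHA1 (assumed; the common authenticator default)."""
    counter = int(unix_time) // STEP
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F                      # dynamic truncation (RFC 4226)
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** DIGITS).zfill(DIGITS)

def verify(secret: bytes, code: str, server_time: float, drift_steps: int = 1) -> bool:
    """Accept the current step and drift_steps neighbours (assumed tolerance)."""
    if len(code) != DIGITS or not (code.isascii() and code.isdigit()):
        return False
    ok = False
    for delta in range(-drift_steps, drift_steps + 1):
        expected = totp(secret, server_time + delta * STEP)
        ok |= hmac.compare_digest(expected, code)  # constant-time comparison
    return ok

def accepted_with_phone_offset(secret: bytes, server_time: float, offset_s: int) -> bool:
    """Would a code from a phone whose clock is offset_s seconds off be accepted?"""
    return verify(secret, totp(secret, server_time + offset_s), server_time)

if __name__ == "__main__":
    secret = b"12345678901234567890"   # RFC 6238 test secret, not a real key
    now = 1111111109                   # constructed server time (RFC test vector)
    for offset in (0, 20, -45, 120, -300):
        verdict = "accepted" if accepted_with_phone_offset(secret, now, offset) else "rejected"
        print(f"phone clock {offset:+5d}s -> {verdict}")
```

A phone that is two minutes fast produces a valid-looking 6-digit code that belongs to a time step the server no longer (or does not yet) accept, which is why automatic time sync fixes most rejections.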


Where can I find my recovery code? 

The recovery code is generated automatically during activation. Keep it in a safe place (password manager, secure document). It will allow you to regain access to your account if you lose access to your authentication app.

 

What other options are available from the recovery code screen?

From this screen, two navigation links are available:

  • “Use email code”: redirects you to the email code login screen and automatically triggers the sending of an email.

  • “Reinstall the authentication app”: redirects you to the authentication app setup screen.


I didn’t receive the email or my code has expired.

A “Resend” link is available on the entry screen, with the following rules:

  • When the screen loads, the “Resend” link is disabled and a 60-second countdown is displayed.

  • The link becomes active only once the countdown reaches 0. Click it to receive a new code via email.

  • Also check your spam folder if the email does not appear in your inbox.

 
 
 

If you have any questions, please feel free to reach out to your support team at support@assessfirst.com.