Help
Customer Service
Customer Service Information and Announcements
msrinivasan
Moderator
Moderator

Created on ‎02-23-2024 08:20 AM Edited on ‎03-07-2024 11:57 PM

Article Id 301046

Customer Service Tip: Answers to common Two-Factor Authentication (2FA) queries

Description This article contains solutions for issues frequently faced by customers with 2FA.
Scope FortiCloud Portal and Single Sign On (SSO).
Solution

Issue: Though 2FA is not enabled, the user receives a ‘Security Code’ prompt window and is unable to log in to the FortiCloud portal.
Answer: Refer to Receiving prompt for a two-factor authentication.

Issue: The user misplaced/changed the Mobile phone and needs assistance with re-provisioning the FortiToken mobile.

Answer: Contact Customer Service via Phone/Chat/by sending an email to cs@fortinet.com to receive the Bar code for provisioning.   


Issue: The user confirms that the correct password is entered yet receives the ‘Security Prompt’ window.

msrinivasan_0-1708704520863.jpeg

 

Answer: To confirm if the entered password is correct, select GO. If the customer sees the screen below, the password could be wrong or the system is picking the auto-saved password. Customers can either retry or select ‘Forgot Password?’ to reset the password.  

 

msrinivasan_1-1708704520868.jpeg

 

Issue: The user does not know what to do after failing to enter the token code within the allotted time.
Answer: The user must select GO and re-login.

msrinivasan_2-1708704520873.jpeg

 


Issue: The customer complains that push notifications are not being sent to the Mobile Phone which leads to manual entry of the code.

Answer: Navigate to ‘Apps & notifications’ of the ‘FortiToken Mobile App’ on the mobile settings to ensure that notification is enabled for the Login Request. If yes and still the issue persists, disable it and enable it again.

 


Issue: The customer wanted to sign up using a group email address (for example, csteam@fortinet.com) and does not want to enable 2FA via FortiToken mobile. The rationale is that while the mobile phone would belong to a single user, the login would be utilized by several employees within the organization.

Answer: Enabling 2FA is important to secure FortiCloud accounts from unauthorized access. The group email address can be managed by the head of the department and the rest of the users can be added as an IAM User with similar privilege. Refer to How do add IAM User.

 

Alternatively, a master account can be created with an individual’s company email address and the IAM User can be created with a group email address. In this case, the Master user would have 2FA enabled via FortiToken mobile and the IAM User should be able to use email-based authentication. Refer to How to enable 2FA for the IAM User.

 

Issue: The customer has several FortiTokens configured in the FortiToken Mobile App and does not know how to identify the one that belongs to the FortiCloud Portal.
Answer: If the user has more than one token on the app, it is best to give the token a name so that it can be recognized. It is possible to identify the token and name it either at the time of first provisioning or upon receiving the push notification.

 

Related article:

 

Call the customer support hotline number if any assistance is required.
713
0 Kudos
Submit Article Idea
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.