Two-factor authentication adds a layer of security to your reseller account by requiring a token in addition to your password at login. You can set up 2FA using an authenticator app or SMS. This FAQ answers common questions about managing 2FA after setup.
How 2FA management works
Once 2FA is enabled, you control it from the Account settings tab in the Reseller Control Panel. From there you can disable 2FA, change the default login method, view which users have 2FA active, and regenerate recovery codes. For initial setup steps, see Two-Factor Authentication Setup for Reseller Accounts.
How do I log in if I don't have my phone?
Log in using one of the emergency recovery tokens you received when you enabled 2FA. Using a recovery token automatically disables 2FA on your account, so you must re-enable it through the authenticator app or SMS after signing in.
How do I disable 2FA for my account?
You can use an emergency token to log in (which disables 2FA automatically), or disable it from the control panel:
Log in to the Reseller Control Panel.
Open the Account settings tab and click Edit next to 2-Factor authentication.
Select Disable SMS or Disable authenticator app.
Enter your current password and a new password when prompted. Disabling 2FA resets your password.
How do I change the default login method?
If you have both app-based and SMS-based 2FA enabled, you can change which one is prompted first:
Log in to the Reseller Control Panel.
Open the Account settings tab and click Edit next to 2-Factor authentication.
Select Change default login method and choose your preferred method.
How do I see which users in my account have 2FA enabled?
Open the Manage users tab under Account settings in the Reseller Control Panel. The list shows the 2FA status for each user.
Does the authenticator app share my credentials with the app provider?
No. The authenticator app uses a seed key provided by OpenSRS to generate time-based tokens locally on your device. The app sends no information to the provider and does not need an internet connection to generate tokens, because token generation relies only on the seed key and the initial token entered during setup.
How do I retrieve my emergency tokens if I didn't print them initially?
If you still have access to your account, you can regenerate recovery tokens. Generating a new set invalidates the previous set.
Log in to the Reseller Control Panel.
Open the Account settings tab and click Regenerate recovery code next to 2-Factor authentication.
Enter your account password and click Generate recovery codes.
Print or securely store the new codes.
Warning: Each regeneration invalidates the previous recovery codes. Update any stored copies after generating a new set.
Next steps
Print and store recovery codes securely. Keep codes in a separate location from your phone so you can recover access if your device is lost.
Audit 2FA coverage across your team. Use the Manage users tab to confirm every user has 2FA enabled.
Set up 2FA for new users. See Two-Factor Authentication Setup for Reseller Accounts.
Questions? Contact OpenSRS Support.
How helpful was this article?
Thanks for your feedback!
Do you still need help? If so please submit a request here.