Skip to main content

Two-Factor Authentication

  • Updated

Two-factor authentication (2FA), sometimes called multi-factor authentication (MFA), is an additional security measure that protects your online accounts. By requiring a second verification, beyond your password, 2FA creates a significantly higher barrier against unauthorised access.

Organisations in Boardeaser have the option to set requirements for their invited users to enable two-factor authentication. If an invited user has not enabled two-factor authentication, they will not be able to access the organisation's content.

Two-Factor Authentication Methods in Boardeaser

In Boardeaser, it is supported to enable the following two-factor authentication methods:

  • BankID
  • Verification code via email
  • Recovery codes

Guide Contents

BankID

Log in with BankID for quick and secure access to your account. Boardeaser supports logging in with BankID so you can feel confident that no unauthorised person gains access to your information.

See how to enable/disable BankID as a login method in the guide BankID as a login method - Enable / Disable / Troubleshooting

 

Verification Code via Email

It is currently possible to add a six-digit code sent to your email address to confirm that it is you trying to log in. This increases the security of your account, as both your password and access to your email account are required for login.

If you log in with BankID or Yubikey, you do not need to confirm with an email code.

Two-factor authentication with email cannot be disabled once it has been enabled.

Enable Verification Code via Email on User Account

Log in to your user account in Boardeaser. Once logged in, click your name at the top right and select the option "My profile".

Skärmavbild 2024-11-06 kl. 09.23.38.png

 

Select "Security" in the left menu.

Skärmavbild 2024-11-11 kl. 11.32.34.png

 

Enable both the "Recovery codes" setting at the bottom of the page and then "Verification code via email" by clicking the "Activate" buttons.

Skärmavbild 2024-11-06 kl. 09.25.58.png

 

In the next step, you need to activate recovery codes. You do this by clicking "Create codes". When you click "Create codes", a verification code will be sent to your email address which you enter in the field.

Screenshot 2024-01-16 at 08.30.38.png

 

In the next step, your generated activation codes will be displayed. You can choose to print, download, or copy the codes. Then click "Continue".

Screenshot 2024-01-16 at 09.43.40.png

 

If you click "Continue", a verification code will be sent to your email. Enter or paste that code into the field shown and then click "Activate". 

Skärmavbild 2024-11-06 kl. 09.28.12.png

 

Done!

Skärmavbild 2024-11-06 kl. 09.21.10.png

 

Once this is set up, a six-digit verification code will be sent to your email address each time you log in with your email address and password to Boardeaser. You can enter the code manually or copy the code directly from the email.

If you do not receive a verification code, you can request a new verification code after 120 seconds have passed.

If you no longer have access to your email address, you can click "Use a recovery code". Read more about recovery codes further down in this guide, Recovery codes

Screenshot 2023-12-04 at 14.58.07.png

 

Recovery Codes

Recovery codes can be used to access your account if you have lost access to other multi-factor authentication methods, for example if you have lost access to your email address. 

You need to have enabled two-factor authentication (2FA) on your user account either through BankID login or verification code via email to be able to activate recovery codes.

Enable Recovery Codes

To access your recovery codes, log in as usual. Once logged in, click your name at the top right and select the option "My profile".

Skärmavbild 2024-11-06 kl. 09.23.38.png

 

Select "Security" in the left menu.

SCR-20241111-ktbg.png

 

At the bottom of this view, you will find "Recovery codes". Click the "Manage" button to access your recovery codes.

Skärmavbild 2024-11-11 kl. 11.35.35.png

 

Enter your password to verify that it is your user account and click "Continue". If you logged in through BankID, you will proceed directly.

Skärmavbild 2024-11-11 kl. 11.39.30.png

 

If you lose access to your other two-factor authentication methods, you will need a recovery code to access your account. Save these recovery codes in a secure place where only you can access them.

As you use recovery codes, the used codes are removed from the list. You can generate new codes by clicking the "Create codes" button. You also have the option to print the codes using the "Print" button.

Skärmavbild 2024-11-11 kl. 11.36.40.png

 

Use Recovery Codes

In a case where you log in with email and password but have lost access to your email address, you can choose to use recovery codes. In such a case, click the link "Use a recovery code".

SCR-20241111-kobt.png

 

Enter one of your saved recovery codes and click "Verify". If the recovery code is valid, you will then be logged in. A notification will show how many recovery codes you have left in the top right corner.

Remember that a recovery code only works once. If the code does not work, it may have been used previously. Try another of your recovery codes.

Skärmavbild 2024-11-11 kl. 11.38.26.png

 

Organisation - Set Requirement for Two-Factor Authentication

Require your users to authenticate with extra security keys or Swedish BankID. At least one member must have enabled two-factor authentication first.

To set up two-factor authentication in the organisation, click "Administration" then "Settings" in the left menu. Then click on "Advanced settings".

 

Check the option "Require two-factor authentication" and save the settings by clicking "Save".