Two-factor authentication (2FA) is a method of securely verifying your identity using two pieces of evidence instead of one. With 2FA disabled, you verify your identity using only a password. With 2FA enabled, you verify your identity with an app on your mobile device as well as your password. 2FA provides an added layer of security for your Trend Micro Account and prevents unauthorized access to your Trend Micro SaaS product consoles, even if your password is stolen.

Two-Factor Authentication provides a heightened layer of security to protect your account and the heightened security requires that all codes meet certain criteria. The reasons a code may not be working are as follows:

• The code has expired.

  All codes have an expiration time. Check that the code you are using is still valid. If the code has expired, generate or request a new code.

• You may be using an older or invalid Google Authenticator account.

  If you have recently reinstalled the Google Authenticator app or changed the Google Authenticator account associated with your Trend Micro account, you may have selected an older account to generate your passcode. Ensure that you are using the correct Google Authenticator account when generating passcodes.

If you lose your mobile device, you can disable 2FA or register a new device.

To disable 2FA, choose from the following procedures:

• If you are logged into your SaaS console, open the Two-Factor Authentication dialogue and click Disable.

• If you are not logged into your SaaS console, request an emergency access code, log into the console, then complete the steps to disable Two-Factor Authentication.

To register a new mobile device, see How do I register a new mobile device?.

If you have accidentally removed the Google Authenticator app from your mobile device and need to access your SaaS console, try one of the following:

• If you are currently logged on to your SaaS console:

  Disable the Two-Factor Authentication feature and redo the registration steps to reinstall the Google Authenticator app.

• If you are not logged on to your SaaS console:

  Request an emergency access code, disable the Two-Factor Authentication feature, and redo the registration steps to reinstall the Google Authenticator app.

There are several reasons why email messages may not be displaying in your Inbox.

• Your email service is sending the messages to your spam or junk folder.

• Your email server is delaying the messages before the email messages reach your Inbox.

• Your email server is blocking the messages. Talk to your IT administrator if you think that the email server is blocking the messages.

The Two-Factor Authentication feature sends the following email messages:

• Confirmation email

  When first registering the service, you receive an email message containing your "Confirmation code" necessary to link your mobile device with the Two-Factor Authentication service.

• Emergency code

  If you do not have access to your mobile device and need to access your SaaS console immediately, you can request an "emergency code", which the system sends to you through email.

Yes. The Google Authenticator app uses a time-based generation algorithm that functions independently from the server. The server and the app generate the same code at the same time, but no active connection between the app and server is necessary.

The Google Authenticator barcode requires that you use the built-in Google Authenticator QR scanner to retrieve the correct information. Other QR scanners cannot read the barcode correctly.