Start FileCloud FREE Trial
Log in

Two-Factor Authentication for Admin Portal

TOTP authentication for the admin portal is available beginning in FileCloud 23.242. TOTP authentication should work correctly with any authenticator app; however, the following apps have been tested and performed successfully: Google Authenticator, TOTP Authenticator, Duo Mobile, Microsoft Authenticator, Authy, Okta Verify, 2FA Authenticator (2FAS)

Support for two-factor authentication is available for admin portal login. Both the primary FileCloud admin and the superadmin (for multitenancy) can be set to require the additional code in order to access the admin portal.

Two-factor authentication for the admin portal supports authentication by email, SMS, and TOTP.

Enable two-factor authentication for admins

To enable 2FA for the first time an admin logs into the admin portal:

  1. In the FileCloud admin portal's left navigation bar, scroll down and click Settings. Then, on the Settings navigation page, click Admin .
    The Admin settings page opens.
  2. Enable Enable two-factor authentication for admin logins.


    2FA fields appear. 

Setting 2FA delivery method to SMS

Note: Currently SMS authentication is effective for the primary admin, but not for promoted admins.

  1. To use SMS authentication, In Select 2FA Delivery Method for Admin, choose SMS Authentication.
    Additional fields appear.
  2. In Set Admin 2FA Code Timeout, set the time in minutes that you want the temporary log-in code to remain valid.
  3. In SMS Service Provider, choose Twilio or Custom.
  4. In Master Admin Phone Number, enter the admin's SMS phone number.
    An invalid master admin phone number will cause lockout - the portal will not be accessible when SMS Authentication is chosen.

Setting 2FA delivery method to email:

  1. To use email authentication, in Select 2FA Delivery Method for Admin, choose Email Authentication
  2. Enter a valid email in the Admin email field above the Enable Two Factor Authentication for Admin Logins field.
  3. In Set Admin 2FA Code Timeout, set the time in minutes that you want the temporary log-in code to remain valid.

Setting 2FA delivery method to TOTP

  1. To use TOTP authentication, in Select 2FA Delivery Method for Admin, choose TOTP Authentication.
  2. In Set Admin 2FA Code Timeout, set the time in minutes that you want the temporary log-in code to remain valid.
  3. See Log in Using Two-Factor Authentication to set up Google Authenticator (or a similar authenticator app) to use for TOTP Authentication.


    Promoted admins use the method to log in to the admin portal that they use to log in to the user portal. 

Reset TOTP settings for the primary admin

When you select TOTP Authentication for the 2FA delivery method, the setting Reset Admin TOTP setup appears below it. If the primary admin loses their TOTP-enabled device or needs to reset the TOTP authenticator code for another reason, a promoted admin with Settings read and update role privileges can click Reset Admin TOTP setup to enable the admin to reset their authenticator code. 

Reset TOTP settings for promoted admins

Since promoted admins use their user login method rather than their admin login method to log into the admin portal, a promoted admin will only log in to the admin portal with TOTP if that is the method set for their user account, and therefore, to reset an promoted admin's TOTP authorization, use the method explained in Two-Factor Authentication for User Portal.