Two-factor authentication (2FA), sometimes called multi-factor authentication (MFA), is a common online security practice. Users must provide two forms (or 'factors') of authentication to log into an account or access certain data.
Typically, these two factors are a password and a six-digit code from an authenticator app, such as Google Authenticator or Microsoft Authenticator.
Two-factor authentication makes it far more challenging for cybercriminals to access your account or breach sensitive data. As a result, two-factor authentication is generally considered an online security best practice.
Please follow the steps below to enable two-factor authentication for your personal Tanda account.
Enabling Two-Factor Authentication For Your Personal Tanda Account
To enable two-factor authentication in your personal Tanda account:
Log in to your Tanda account in a web browser at my.tanda.co
Navigate to My Profile.
Click 'Enable two-factor authentication.'
You will see a popup prompting you to download the Google Authenticator app, scan the QR code, and enter your Google Authenticator code. Follow these steps and click enable.
You will see a message confirming that you have enabled two-factor authentication, along with the option to disable it in the future if necessary.
Once enabled, two-factor authentication will apply whenever you try to log into Tanda on desktop or via the Tanda Mobile App, so keep your authenticator app handy!
Note: Once you have configured two-factor authentication, please keep the Google Authenticator app (or your authenticator app of choice) installed on your phone. Do not delete or uninstall the authenticator app. If you lose access to your authenticator app, you must recover each linked profile manually.
Logging in With Two-Factor Authentication
Once you have enabled two-factor authentication, navigate to the Tanda login page and enter your username and password. You will then be prompted to enter the 6-digit code the authenticator app provides.
Then, navigate to the Google Authenticator app and locate the six-digit authentication code associated with Tanda.
Copy this code, then navigate to Tanda and paste it within 30 seconds before the code expires. Click log in.
Resolving Common Setup Errors
If you encounter any error messages during the setup process, such as "There were some problems verifying your code. Please try again" or "Invalid code", follow the steps below:
Log out of Tanda.
Delete/unlink the Tanda account from your Authenticator app.
Log back into Tanda.
Set up TFA again, following the steps outlined above.
If you still encounter these errors, please try clearing your browser cookies. Alternatively, try completing these steps again in a different web browser.
To delete your Tanda account from the Google Authenticator app:
On iOS: Tap the pencil icon in the top right of the screen, select the Tanda account, and then tap Delete.
On Android: Swipe left on the account you want to delete, then select 'remove account' to confirm.
Enforcing Mandatory Two-Factor Authentication in Tanda
As well as supporting two-factor authentication for individual accounts, we also allow organisations to enforce mandatory two-factor authentication for any users who can see anyone else's data in Tanda (i.e. anyone with Manager or Admin-level user permissions). This setting does not apply to users with employee-level permissions.
To enable this setting, navigate to Settings > General Settings > Show Advanced Settings. Then, tick Enforce Multi-Factor Authentication and select Update Settings. You need admin-level permissions to enable or disable this setting. Once enabled, it will be mandatory for all admins and managers to use 2FA when logging in.
For more details, see our help guide on enabling two-factor authentication.
What If You Can't Access Your Authenticator App
If you can't access your phone to generate an authentication code—or if the authenticator app isn't working for any other reason—you can also receive the code via email.
To send an authentication code to your email:
Enter your username and password as normal. Then, on the 2FA verification page, click 'The app isn't working, email me a verification code.'
After clicking this, you will receive a notification confirming the code has been sent to your email.
Check your email (the address you use to log in to Tanda) to find your authentication code.
Enter this code and complete the login process as usual.
How To Generate A New QR Code
If you need to regenerate the authenticator app QR code for any reason (and you don't have access to your Tanda account), use the above method to send an authentication code to your email.
Then, log in to your account and navigate to 'my profile.' Select 'disable two-factor authentication.' From here, you will need to re-configure 2FA in your account by following the steps outlined in this article. During this process, you will be able to re-scan the QR code.
Resolving Login Errors
Two-factor authentication is time-based. Most authenticator apps give you 30 seconds to enter your code after it has been generated. After 30 seconds, it will reset with a new code. As such, the most common login issue with 2FA is an expired code. To resolve this, navigate to the authenticator app and enter the new code within 30 seconds.
As 2FA is time-based, it's also vital to synchronise the time settings on your devices.
Authenticating Via An Authenticator App
Each authentication code is only valid for 30 seconds, so ensure the code you enter in Tanda is the same as the one in your authenticator app.
You might get an error message saying you entered an invalid code if:
You took longer than 30 seconds to enter the authentication code.
Your device’s time settings aren't synchronised with the time settings on your computer.
If the code you entered initially is incorrect, navigate back to the authenticator app, wait 30 seconds, and a new code will appear. Then, enter that new code in Tanda.
Authenticating Via Email
When authenticating via email, each code is only valid for 3 minutes.
You might get an error message saying you entered an invalid code if:
You took longer than 3 minutes to enter the authenticator code.
Your device’s time settings aren't synchronised with the time settings on your computer.
If the code you enter still isn't working, follow the steps above to have another authentication code sent to your email.
'Remember Me' Isn't Working
The 'remember me' setting ("Remember this device for 30 days") is linked to the specific computer and browser you’re using. When ticked, Tanda will automatically remember you on that particular computer and browser and skip the 2FA login process. This setting will only work if you use the same computer and browser each time you log in. It lasts for 30 days.
You’ll need to use an authentication code to log in if:
You’re using a different web browser or computer.
You’ve cleared cookies from your browser, or cookies aren't enabled.
You’ve turned on private or incognito browsing.
You’re using a different internet connection.
Another user has logged in on the same computer using the same browser.
Note: Only tick the 'remember me' button on a secure personal device. Do not tick 'remember me' on a shared or public device, as you risk others accessing your account.
What If You Don't Have A Smartphone?
If you want to enable two-factor authentication but don't have a smartphone, don't worry.
You can also install a web-based authenticator app to your browser add-ons, such as Google Authenticator. You can then use this web-based authenticator app to scan the QR code and authenticate login attempts in Tanda.
For more troubleshooting tips and advice, please see Google's Authenticator help guide.
FAQs
How do I know if two-factor authentication is enabled for my account?
How do I know if two-factor authentication is enabled for my account?
To quickly see whether two-factor authentication is enabled or disabled in your account, navigate to My Profile, then scroll to the bottom of the page, where you will see one of the below messages:
If you are a manager or admin, your organisation may also have enabled mandatory two-factor authentication. In this case, you should contact your account admin directly to confirm.
Can I still disable two-factor authentication after enabling it?
Can I still disable two-factor authentication after enabling it?
Yes, as long as your organisation hasn't enabled mandatory two-factor authentication, you can disable it for your personal account anytime. Simply navigate to My Profile, then click disable two-factor authentication.
Why do I have to enable two-factor authentication?
Why do I have to enable two-factor authentication?
In most cases, enabling two-factor authentication isn't mandatory—just strongly recommended. For more details on why, see our help guide: Why Do I Have to Enable Two-Factor Authentication?
I'm getting an error message when entering my authentication code. Why?
I'm getting an error message when entering my authentication code. Why?
If you receive an error message when entering your authentication code in Tanda, double-check you have entered the code correctly, paying attention to any possible typos. Often, a mistyped code is the culprit.
It's also possible that you took too long to enter the authentication code. Remember, most authenticator apps give you 30 seconds to enter the code before it regenerates.
If you're still getting an error message, try clearing your browser cookies or logging in on a different browser.
If this still doesn't resolve your issue, please reach out to our friendly support team at support@tanda.co for more troubleshooting advice.
I can't access the 'enforce multi-factor authentication' setting. Why not?
I can't access the 'enforce multi-factor authentication' setting. Why not?
If you cannot find/access the 'Enable Multi-Factor Authentication' setting, you most likely have the wrong user permissions. Only admins can enable and disable this setting. We recommend contacting your account admin if you need clarification about your user permission levels.
Can I set up two-factor authentication using my email address instead of an authenticator app?
Can I set up two-factor authentication using my email address instead of an authenticator app?
No, you will need to set up 2FA using a trusted authenticator app, such as Google Authenticator or Microsoft Authenticator.
However, if you can't access your authenticator app, you can request a verification code via email. To do so, click "Use an alternative authentication method" when logging in, then select "Receive an email with your verification code."