Legacy Two-Factor Authentication
On this page
Legacy 2FA is deprecated. If you currently have legacy 2FA enabled you can continue to use it, but it is recommended that you switch to multi-factor authentication. To use MFA, disable legacy two-factor authentication and enable multi-factor authentication instead.
If an Organization Owner
enables MFA,
all organization members must also enable MFA before
accessing that organization.
Two-factor authentication provides a second layer of security for your Atlas account. If you enable 2FA for your account and after you enter your username and password, you are prompted for a six-digit time-sensitive verification code. This code is sent to a separate device, such as a mobile phone or security token, that you can read and enter into Atlas and complete your login.
- An Atlas
Organization Owner
can require that all Atlas users within their organization enable 2FA for their Atlas accounts. For more information, see Require Multi-Factor Authentication. If you login using your Google account:
Google manages your 2FA. You can't use Atlas two factor authentication and won't be prompted for an Atlas 2FA verification when you log into Atlas. Google should verify your identity using Google 2-Step Verification.
To learn more about organization settings, see Change Organization Settings.
Atlas provides the following sources for 2FA verification codes:
Configure Two-Factor Authentication
Configure Backup Two Factor Authentication Phone Number
You can configure a backup phone number for receiving 2FA codes if the primary method fails or is unavailable.
If you have not yet enabled 2FA for the Atlas account, do so before proceeding. See Configure Two-Factor Authentication.
Configure a backup phone number.
- Select Add a Backup Phone.
- Enter your preferred phone number in the text entry.
Select your preferred method of receiving codes:
- Text Message (SMS)
- Voice Call (US / Canada Only)
- Click Verify once you have configured your Voice/SMS authentication settings.
- Click Save Changes.
Generate New Recovery Codes
Atlas can generate single-use recovery codes for use where all other methods of accessing the account fail. When you generate new recovery codes, you invalidate previously generated ones.
If you have not yet enabled 2FA for the Atlas account, do so before proceeding. See Configure Two-Factor Authentication.
Reset Legacy Two Factor Authentication
If you have legacy 2FA enabled and you lose access to your 2FA device, you can reset 2FA for your account. Because legacy 2FA is deprecated, you cannot re-establish it after you reset it. Instead, you can enable multi-factor authentication.
The following procedure resets legacy 2FA for your Atlas account. To edit MFA settings, see multi-factor authentication.
In order to reset your legacy two-factor authentication, you must:
- Be able to receive email at the address associated with your account.
- Have the database username and password for a project of which you are a member.
- Be a direct member of the project which your username and password correspond to. If you have access to the project only through a team that has a role in the project, you cannot reset two-factor authentication for your Atlas account.
- Log in to Atlas.
- From the 2FA entry dialog, select Reset your two factor authentication.
- Select Atlas user? Click here at the bottom of the
Reset Two Factor Authentication
modal. Enter your Atlas username. Atlas emails a link to the email account associated with the Atlas username.
ImportantThe link to start the 2FA reset procedure is only active for two hours after Atlas sends the email. Make sure you click the link within the two-hour window.
- Click the link in the email to start the 2FA reset procedure.
- Follow the directions on the 2FA reset page. After completing the reset procedure, Atlas allows you to log in to the Atlas account without requiring a 2FA code.