Configure Two-Factor Authentication

Required Tenable.io Vulnerability Management User Role: Basic, Scan Operator, Standard, Scan Manager, or Administrator

Required Tenable.io Web Application Scanning User Role: Basic, Scan Operator, Standard, Scan Manager, or Administrator

On the My Account page, you can configure two-factor authentication for your account.

Tip: Administrators can also enforce two-factor authentication for other accounts when creating or editing a user account.

Note: Before configuring two-factor authentication, check the International Phone Availability list to ensure you are able to receive text messages from Tenable.io.

  1. Do one of the following:

    • In the upper-left corner, click the Menu button.

      The left navigation plane appears.

      1. In the left navigation plane, click Settings.

        The Settings page appears.

      2. Click the My Account tile.

        The My Account page appears, where you can view and update your account details.

    • In the upper-right corner, click the button.

      The user account menu appears.

      1. Click My Account.

        The My Account page appears.

  2. In the Enable Two Factor Authentication section, do one of the following:

    • To enable SMS two factor authentication:
      1. Click Enable SMS Two Factor Authentication.

        The Two-Factor Setup plane appears.

      2. In the Current Password box, type your Tenable.io password.

      3. In the Phone Number box, type your mobile phone number.

        Note: By default, Tenable.io treats mobile numbers as U.S. numbers and prepends the +1 country code. If your mobile phone number is a non-U.S. number, be sure to prepend the appropriate country code.

      4. Click Next.

        The Verification Code plane appears and Tenable.io sends a text message with a verification code to the phone number.

      5. In the Verification Code box, type the verification code you received.

      6. Click Next.

        A Two-Factor Setup Successful message appears and Tenable.io applies your settings to your Tenable.io account.

      7. (Optional) To configure whether Tenable.io sends a verification code to the email associated with your user account:
        1. Select or clear the Send backup email check box.
        2. Click Update.

          Tenable.io updates your backup email settings.

    • To enable authenticator application based authentication:
      1. Click Enable Authenticator App.

        The Two-Factor Setup plane appears.

      2. In the Current Password box, type your Tenable.io password.

      3. Click Next.

        The Time-based One-Time Password plane appears.

      4. In the authenticator application of your choice, scan the QR code.

        In the authenticator application, a Tenable.io verification code appears.

      5. In the Verification Code box, type the code provided by your authenticator application.

        Note: If you do not type the correct verification code, Tenable.io locks the QR code. Delete the setup from your authenticator application and scan a new QR code.

      6. Click Next.

        A Two-Factor Setup Successful message appears and Tenable.io applies your settings to your Tenable.io account.

  1. Do one of the following:

    • In the upper-left corner, click the Menu button.

      The left navigation plane appears.

      1. In the left navigation plane, click Settings.

        The Settings page appears.

      2. Click the My Account tile.

        The My Account page appears, where you can view and update your account details.

    • In the upper-right corner, click the button.

      The user account menu appears.

      1. Click My Account.

        The My Account page appears.

  2. In the Change Password section, in the Current Password box, type your current password.

  3. In the Enable Two Factor Authentication section, click Disable.

    A Disable Two-Factor confirmation message appears.

  4. Read the warning message, then click Continue.

    Tenable.io disables two-factor authentication for your account.