Configure Two-Factor Authentication
Required Tenable Vulnerability Management User Role: Basic, Scan Operator, Standard, Scan Manager, or Administrator
Required Tenable Web App Scanning User Role: Basic, Scan Operator, Standard, Scan Manager, or Administrator
On the My Account page, you can configure two-factor authentication for your account.
Tip: Administrators can also enforce two-factor authentication for other accounts when creating or editing a user account.
Note: Before configuring two-factor authentication, check the International Phone Availability list to ensure you are able to receive text messages from Tenable Vulnerability Management.
- Access the My Account page.
-
In the Enable Two Factor Authentication section, do one of the following:
- To enable SMS two factor authentication:
- Click Enable SMS Two Factor Authentication.
The Two-Factor Setup plane appears.
In the Current Password box, type your Tenable Vulnerability Management password.
In the Phone Number box, type your mobile phone number.
Note: By default, Tenable Vulnerability Management treats mobile numbers as U.S. numbers and prepends the +1 country code. If your mobile phone number is a non-U.S. number, be sure to prepend the appropriate country code.
Click Next.
The Verification Code plane appears and Tenable Vulnerability Management sends a text message with a verification code to the phone number.
In the Verification Code box, type the verification code you received.
Click Next.
A Two-Factor Setup Successful message appears and Tenable Vulnerability Management applies your settings to your Tenable Vulnerability Management account.
- (Optional) To configure whether Tenable Vulnerability Management sends a verification code to the email associated
with your user account:
- Select or clear the Send backup email check box.
- Click Update.
Tenable Vulnerability Management updates your backup email settings.
Note: Once you save the phone number for this configuration, you cannot edit or change the phone number. You must configure a new authentication setup for any additional phone numbers you want to use. - Click Enable SMS Two Factor Authentication.
- To enable authenticator application based authentication:
- Click Enable Authenticator App.
The Two-Factor Setup plane appears.
In the Current Password box, type your Tenable Vulnerability Management password.
Click Next.
The Time-based One-Time Password plane appears.
In the authenticator application of your choice, scan the QR code.
In the authenticator application, a Tenable Vulnerability Management verification code appears.
In the Verification Code box, type the code provided by your authenticator application.
Note: If you do not type the correct verification code, Tenable Vulnerability Management locks the QR code. Delete the setup from your authenticator application and scan a new QR code.
Click Next.
A Two-Factor Setup Successful message appears and Tenable Vulnerability Management applies your settings to your Tenable Vulnerability Management account.
- Click Enable Authenticator App.
- To enable SMS two factor authentication:
- Do one of the following:
In the upper-left corner, click the button.
The left navigation plane appears.
In the left navigation plane, click Settings.
The Settings page appears.
Click the My Account tile.
The My Account page appears, where you can view and update your account details.
In the upper-right corner, click the blue user circle.
The user account menu appears.
- Click My Profile.
The My Account page appears.
- Click My Profile.
- In the Change Password section, in the Current Password box, type your current password.
-
In the Enable Two Factor Authentication section, click Disable.
A Disable Two-Factor confirmation message appears.
-
Read the warning message, then click Continue.
Tenable Vulnerability Management disables two-factor authentication for your account.