Configure Two-Factor Authentication for your Own Account

The following is not supported in Tenable FedRAMP Moderate environments. For more information, see the Tenable FedRAMP Product Offering.

Required Tenable Vulnerability Management User Role: Basic, Scan Operator, Standard, Scan Manager, or Administrator

Required Tenable Web App Scanning User Role: Basic, Scan Operator, Standard, Scan Manager, or Administrator

On the My Account page, you can configure two-factor authentication for your account.

Tip: Administrators can also enforce two-factor authentication for other accounts when creating or editing a user account.
Note: Before configuring two-factor authentication, check the International Phone Availability list to ensure you are able to receive text messages from Tenable Vulnerability Management.

Add or Modify Two-Factor Authentication

Note: Only one two-factor authentication method can be configured for your account at a time.

To add or modify two-factor authentication:

  1. Access the My Account page.

  2. In the Enable Two Factor Authentication section, do one of the following:

    • To enable authenticator application based authentication:
      1. Click Enable Authenticator App.

        The Two-Factor Setup panel appears.

      2. In the Current Password box, type your Tenable Vulnerability Management password.

      3. Click Next.

        The Time-based One-Time Password panel appears.

      4. In the authenticator application of your choice, scan the QR code.

        In the authenticator application, a Tenable Vulnerability Management verification code appears.

      5. In the Verification Code box, type the code provided by your authenticator application.

        Note: If you do not type the correct verification code, Tenable Vulnerability Management locks the QR code. Delete the setup from your authenticator application and scan a new QR code.

      6. Click Next.

        A Two-Factor Setup Successful message appears and Tenable Vulnerability Management applies your settings to your Tenable Vulnerability Management account.

  3. Once two- factor authentication is configured for your account, you must log out and log back in to Tenable Vulnerability Management to utilize the authentication method.

Disable Two-Factor Authentication

To disable two-factor authentication:

  1. Do one of the following:

    • In the upper-left corner, click the Menu button.

      The left navigation plane appears.

      1. In the left navigation plane, click Settings.

        The Settings page appears.

      2. Click the My Account tile.

        The My Account page appears, where you can view and update your account details.

    • In the upper-right corner of any page, click the blue user circle.

      The user account menu appears.

      1. Click My Profile.

        The My Account page appears.

  2. In the Change Password section, in the Current Password box, type your current password.

  3. In the Enable Two Factor Authentication section, click Disable.

    A Disable Two-Factor confirmation message appears.

  4. Read the warning message, then click Continue.

    Tenable Vulnerability Management disables two-factor authentication for your account.