Configure Two-Factor Authentication for your Own Account

The following is not supported in Tenable FedRAMP Moderate environments. For more information, see the Tenable FedRAMP Product Offering.

Required Tenable Vulnerability Management User Role: Basic, Scan Operator, Standard, Scan Manager, or Administrator

Required Tenable Web App Scanning User Role: Basic, Scan Operator, Standard, Scan Manager, or Administrator

On the My Account page, you can configure two-factor authentication for your account.

Tip: Administrators can also enforce two-factor authentication for other accounts when creating or editing a user account.

Note: Before configuring two-factor authentication, check the International Phone Availability list to ensure you are able to receive text messages from Tenable Web App Scanning.

Add or Modify Two-Factor Authentication

Note: Only one two-factor authentication method can be configured for your account at a time.

To add or modify two-factor authentication:

  1. Access the My Account page.
  2. In the Enable Two Factor Authentication section, do one of the following:

    • To enable authenticator application-based authentication:
      1. Click Enable Authenticator App.

        The Two-Factor Setup panel appears.

      2. In the Current Password box, type your Tenable Web App Scanning password.

      3. Click Next.

        The Time-based One-Time Password panel appears.

      4. In the authenticator application of your choice, scan the QR code.

        In the authenticator application, a Tenable Web App Scanning verification code appears.

      5. In the Verification Code box, type the code provided by your authenticator application.

        Note: If you do not type the correct verification code, Tenable Web App Scanning locks the QR code. Delete the setup from your authenticator application and scan a new QR code.

      6. Click Next.

        A Two-Factor Setup Successful message appears and Tenable Web App Scanning applies your settings to your Tenable Web App Scanning account.

  3. Once two-factor authentication is configured for your account, you must log out and log back in to Tenable Web App Scanning to use the authentication method.

Disable Two-Factor Authentication

To disable two-factor authentication:

  1. Do one of the following:
    • In the upper-left corner, click the Menu button.

      The left navigation plane appears.

      1. In the left navigation plane, click Settings.

        The Settings page appears.

      2. Click the My Account tile.

        The My Account page appears, where you can view and update your account details.

    • In the upper-right corner of any page, click the blue user circle.

      The user account menu appears.

      1. Click My Profile.

        The My Account page appears.

  2. In the Change Password section, in the Current Password box, type your current password.
  3. In the Enable Two Factor Authentication section, click Disable.

    A Disable Two-Factor confirmation message appears.

  4. Read the warning message, then click Continue.

    Tenable Web App Scanning disables two-factor authentication for your account.