Account Security

Synerise provides several ways of account protection. One of them is setting a password. Within the account protection measures, users can define password policy and change their passwords in accordance with this policy.

You can also secure your account with two-factor authentication (2FA). If you have access to any workspace that enforces 2FA, you must configure it to be able to log on.

Important: Logging on with Security Assertion Markup Language (SAML) is treated as a successful 2FA login. If you log on with SAML, 2FA is shown as enabled in your settings.

Changing password

Blank password change section — A blank password change section

Go to Settings > Account Security.
In the Current password field, enter a password you used so far.
In the New password field, enter a password that meets the requirements listed under the fields.
Important: These requirements are sourced from the Password policy section. If a user belongs to more than one workspace, the system selects here the strongest password policy among the workspaces a user is assigned to.
In the Confirm password field, enter the new password.
Confirm the change of the password by clicking Save.

Two-factor authentication

WARNING: After completing the following procedures, you will be logged out of all devices!

You can enable two-factor authentication (2FA) individually for your account. It can also be enforced when 2FA is enabled for the workspace. The configuration requires you to define the method of verifying your identity while logging in to your account apart from the password.

You choose to verify your identity while logging in by:

an authenticator app on your smartphone
email with code - Synerise sends an email with a security code to the user

Log-in view when 2FA is enabled — Log-in view with a default 2FA method, when both methods are enabled, users can switch between them

When 2FA is enforced for the workspace

Log in to your Synerise account.
Select the workspace which requires 2FA.
Such workspaces are marked with a key icon and an Access restricted label when you hover over them.
Result: A pop-up opens, asking to enable 2FA.
Click Enable 2FA.
Result:
You are redirected to your account security settings page ( Settings > Account Security). Follow the instructions in “Enabling 2FA for individual account”

Enabling 2FA for individual account

Go to Settings > Account Security.
In the Two-factor authentication section, click Show.
From the Add method dropdown list, select a method or methods by means of which you will have to additionally verify your identity while logging in:
- Authenticator application - You will have to download any Time-Based One Time Password (TOTP) application to your mobile device and provide the code the application generates while logging in to Synerise.
  Tip:
  Example applications: Microsoft Authenticator, Google Authenticator.
  - If you’re not sure which authenticator app you should use, consult the security department in your company.
  - Make sure that the date and time in your phone are correct. They should be fetched from a time server.
- Email with code - when logging in, you will need to enter a code from an email.
If you select multiple authentication methods, use the Default method dropdown list to define which method will be selected by default on the log-in screen.
By default, you must enter an authentication code during each log-in attempt on the same device. If you would like to customize the frequency of authentication code requests, you can enable the Change frequency of 2FA authentication option and in the Expiration time field, provide a value that specifies the duration after which a new authentication code will be required.

Two-factor authentication configuration form
In the upper-right corner of the Two-factor authentication section, click Apply and continue depending on the selected method:
The Send email with verification code pop-up appears.

Click Send email.
Result: An email with the verification code is sent to your email.

On the pop-up, in the Verification code field, enter the code you received in the message.

Click Close & Logout.
A QR code is displayed.

With the authenticator app, scan the QR code that corresponds to the operating system of your mobile device.

Click Next.

In the mobile application, locate the account you added.

In Synerise, in the Verification code field, enter the 6-digit code from the application.
Result: A backup code is displayed.

WARNING: This is the last time the backup code is shown to you.

Store the backup code securely.
The code is needed to recover an account when you lose access to the authenticator app or to disable 2FA.

Click Close & Logout.

Result:

When logging in, in addition to password, you must provide the 6-digit code from the application or from the email.
The backup code which is generated when you select the Authenticator app method can be used to:
- Recover your account if you lose access to the authentication app.
- Disable 2FA on your account.

Disabling 2FA for individual accounts

WARNING: After completing this procedure, you will be logged out of all devices.

Go to Settings > Account Security.
In the Two-factor authentication section, click Show.
If you want to:
- disable The Authenticator application method, on the pop-up, in the Backup code field, enter the code you received after enabling this method. Confirm by clicking Disable & Logout
- disable The Email with code method, on the pop-up, request a code for disabling the method. Enter the code you receive through email and click Disable & Logout.