- Enable or disable 2-Step verification
- Install an authenticator app
- Generate backup codes
2-Step Verification increases the security of your Optimizely account by adding a second level of authentication when signing in. Instead of relying only on a password, 2-Step Verification will also require you to enter a code that you access from your mobile phone.
With 2-Step Verification enabled, you can rest easy knowing that your account is protected, even if your password is compromised.
2-Step Verification is available to all Enterprise customers. Account administrators on select Enterprise plans may also enforce 2-Step Verification for all collaborators across their organization.
Enable 2-Step Verification
To get started with 2-Step Verification, simply follow these steps:
First, download and install an authenticator app for your phone. Currently, you can choose from Google Authenticator (Android, iOS, Blackberry), Duo Mobile (Android, iOS) or Microsoft Authenticator (Windows Phone).
These apps generate secret codes for your phone every 30 seconds. When you log in to Optimizely, you’ll need the most current code to gain access to your account.
Next, Enable 2-Step Verification from your Account Settings, in the Account tab.
Here's how that works in Optimizely X:
Here's how that works in Optimizely Classic:
Confirm 2-step verification with your Optimizely password. Then, click Next.
After you enable 2-Step Verification, open the authenticator app from your mobile device and use it to scan a QR barcode generated by Optimizely.
This will link your account to your phone.
Your phone’s authenticator app will now generate a security code. Enter this number in the box provided by Optimizely and click Next.
That’s it! You’ve successfully enabled 2-Step Verification.
To enforce two-step verification for all collaborators, check Require 2-Step Verification in the Account tab.
If you lose your phone or can’t access your authenticator app, you can use a backup code for one-time access into your account. These codes are generated for you when you enable 2-Step Verification, and you can generate new ones any time from your Account Settings. Please write them down and store them in a safe place.
Once you have enabled 2-Step Verification, you will need to enter a current security code from your authenticator app in addition to your password any time you sign-in to Optimizely.
We suggest you follow these steps:
Sign-in to Optimizely using your username and password. Doing so will prompt you to enter your security code.
Open your authenticator app on your mobile device. It will generate a new security code every 30 seconds.
Enter the current security code and click Verify before the code expires.
When you enable 2-Step Verification, you are given a list of backup codes similar to the screenshot below.
It's important for you to write down the codes generated for you and store them in a safe-place. If you lose your phone or cannot access your authenticator app, you can use a backup code for one-time access into your account. Once a code is used, it is no longer valid. However, you can generate new backup codes anytime by clicking Generate New Backup Codes from the 2-Step Verification options in your Account Settings. This will render all older codes invalid.
Disable 2-step Verification
If you no longer want the extra protection provided by 2-Step Verification, you can disable the feature from your Account Settings.
Simply select Disable, click Save, and enter your Optimizely password when prompted.
If you are having trouble logging into your account using 2-Step Verification, try the following steps in order:
Use one of the Backup Codes generated during your initial sign-up.
If you are using an authentication app such as Google Authenticator, check the app's time correction settings and re-sync the app if necessary.
If you are still signed into Optimizely (on another device, for example), you can turn off 2-Step Verification within your Account Settings page.
Ask an Admin on your account to open a support ticket on your behalf. Provide the specific user's email address where 2-Step Verification is not working. If you are an Admin on the account and cannot login, have another Admin file a support ticket on your behalf with this information.
If the above steps do not work, please file a support ticket.