- Enable or disable individual 2-step verification in your personal settings
- Generate backup codes
Individual 2-step verification increases the security of an Optimizely account by adding a second level of authentication when signing in. Instead of relying only on a password, individual 2-step verification requires you to enter a code that you access from your mobile phone. That way, you can rest easy knowing that the account is protected, even if your password is compromised.
This article walks you through how to enable and disable individual 2-step verification in your personal settings. This option is available to any collaborator on any account.
If you're an administrator for the account, you can also require that all collaborators on the account use 2-step verification. This article walks you through how to enable the account-level 2-step verification requirement.
Enable individual 2-step verification
To get started with 2-step verification, follow these steps:
Download and install an authenticator app for your phone. Currently, you can choose from Google Authenticator (Android, iOS, Blackberry), Duo Mobile (Android, iOS) or Microsoft Authenticator (Windows Phone).
These apps generate secret codes for your phone every 30 seconds. When you log in to Optimizely, you’ll need the most current code to gain access to your account.
Enable individual 2-step verification.
In Optimizely X, navigate to Profile. Under 2-Step Verification, select Enable:
Enter your Optimizely password to confirm 2-step verification and click Next.
Open the authenticator app from your mobile device and use it to scan the QR code generated by Optimizely. This will link your account to your phone.
Your phone’s authenticator app will generate a security code. Enter this security code in the Optimizely field and click Next.
That’s it! You’ve successfully enabled individual 2-step verification.
If you lose your phone or can’t access your authenticator app, you can use a backup code for one-time access into your account. These codes are generated for you when you enable 2-Step Verification, and you can generate new ones any time from your Account Settings. Please write them down and store them in a safe place.
After you enable individual 2-step verification, you will need to enter a current security code from your authenticator app in addition to your password any time you sign in to Optimizely.
We suggest you follow these steps:
Sign in to Optimizely using your username and password. Doing so will prompt you to enter your security code.
Open your authenticator app on your mobile device. It will generate a new security code every 30 seconds.
Enter the current security code and click Verify before the code expires.
When you enable individual 2-step verification, you are given a list of backup codes similar to these:
It's important to write down the codes generated for you and store them in a safe place. If you lose your phone or cannot access your authenticator app, you can use a backup code for one-time access to your account. After a code is used, it is no longer valid.
You can generate new backup codes any time by clicking Generate New Backup Codes from the 2-step verification options in your Account Settings. This will render all older codes invalid.
Disable individual 2-step verification
If you no longer want the extra protection provided by individual 2-step verification, you can disable the feature in your Account Settings. Just select Disable (instead of Enable), click Save, and enter your Optimizely password when prompted.
If you are having trouble logging into your account using individual 2-step verification, try the following steps in order:
Use one of the backup codes generated during your initial sign-up.
If you are using an authentication app such as Google Authenticator, check the app's time correction settings and re-sync the app if necessary.
If you are still signed into Optimizely (on another device, for example), turn off individual 2-step verification within your Account Settings.
Ask an administrator on your account to open a support ticket on your behalf. Provide the user's email address whose 2-step verification is not working. If you are an administrator on the account and can't log in, have another administrator file a support ticket on your behalf.
If these steps do not work, please file an online ticket for support.