BugBase Documentation
  • 👋Welcome to BugBase Docs
  • Overview
    • 💡What we do
    • ⚡Changelogs
    • ✨Our Features
    • 📂Programs at BugBase
      • Vulnerability Disclosure Program (VDP)
      • Bug Bounty Program
      • Private Bounty Program
      • Pentest Program (VAPT)
  • Report Lifecycle
    • Bug Report
    • Report Status
  • How To
    • 👨‍💻Invite Organization Members to BugBase (RBAC)
    • 🚩Setup a Campaign for better program engagement
    • 🐛Submit a Bug Report on BugBase
    • 📑Create a Bug Bounty Program on BugBase
    • ⬇️Download the mobile app
  • Company Guide
    • 👨‍💼Create a Company Account
    • 🧭Navigation
    • 🛡️Assets Dashboard
    • 🗝️Credential Vaults
      • Creating a Credential Vault
      • Adding Credentials to Vault
      • Connect Credential Vault to an Asset
      • Require Whitelisting for a Credential
    • 🔐VPN Servers
      • Create, Configure and Deploy VPN server
      • Monitor Live Statistics and Logs
    • 🗂️Programs Dashboard
      • ⛳Create a Program
    • 📢Customer Support
    • 💵Bounty Bin
    • ⚙️Company Settings
      • 👨‍🏫Profile
      • 🏢Organisation
      • 👨‍🏭Roles and Permissions
      • 🔐Security & Authentication
        • Multi-Factor Authentication
        • SSO with SAML
          • Okta SSO setup via SAML
          • Google SSO setup via SAML
      • 🎨Customization
        • Automations
        • Report Tags
      • 📙Manage Access
    • 📈Insights Dashboard
    • 🔊Campaigns
    • 💲Understanding Currencies Used in BugBase
    • 🤝Whitelist
  • Program guide
    • Bug Bounty Dashboard
      • Program Reports Section
        • Report Components
        • Report Actions
        • Duplicating Reports
        • Assigning Swags
        • Assigning Bounties
        • Assigning Thanks to Reporters
        • Assigning Bonus Bounty
        • Automatic Response Generator using ChatGPT
      • Program Policy
        • Editing Program Policy
          • Best Practices For Designing Policy
          • Best Practices For Bounty Tables
      • Payouts
      • Settings
    • Private Bug Bounty Dashboard
      • Invite Hackers
      • Manage Credentials
    • VDP Dashboard
    • Pentest Dashboard
      • Pentest Overview
      • Vulnerabilities Section
        • Pentest Report Components
        • Pentest Report Actions
      • Global Pentest Chat
    • Competition Dashboard
      • Dashboard
      • Creating a Competition
        • Adding Challenges
      • Manage Competitions
        • Statistics
        • Leaderboard
        • Manage Users
  • Bounty Hunter Guide
    • Bounty Hunter Dashboard
    • Bounty Hunter Profile
    • Programs Directory
      • Program Policy Page
      • Credentials
      • VPN Access
      • Whitelist
      • Collaborate
    • Bounty Hunter Reports Section
      • Submitting Reports
      • Interaction with Program Representees
      • Collaboration
      • Response Generation through ChatGPT on Report Chat
    • Competitions
    • Discord Community
    • Leaderboard
    • Multi-Factor Authentication
    • Settings
      • Verify KYC
    • Email Alias
    • 🚀Apollo Community
  • Integrations
    • 🔗Supported Integrations
    • Webhooks
    • JIRA
      • Creating a JIRA Issue
    • Slack
      • Managing Integration
    • Microsoft Teams
    • Github
    • Asana
    • Sumo Logic
    • PagerDuty
  • on-premise
    • Running Automated Testing
    • Sandbox Environment
Powered by GitBook
On this page
  • Setup
  • MFA via Authenticator App
  • MFA via Email OTP

Was this helpful?

  1. Company Guide
  2. Company Settings
  3. Security & Authentication

Multi-Factor Authentication

Secure your account with Multi-Factor authentication

PreviousSecurity & AuthenticationNextSSO with SAML

Last updated 1 year ago

Was this helpful?

Multi-factor authentication (MFA) is a security system that requires users to provide multiple forms of authentication in order to access a system, application, or service. This adds an extra layer of security, making it more difficult for unauthorised users to gain access to sensitive information.

You can set up Multi-Factor authentication in one of the two ways. Firstly, using any authenticator app capable of generating Time-based One-Time Password (TOTP) authentication codes. You can use Google Authenticator or Duo Mobile or any other compatible application to generate the codes. Secondly, You can enable OTP based login via Registered Email Address. Everytime you try to login a OTP will be sent to your registered email and you have to verify it.

Setup

To enable Multi-Factor Authentication:

  1. Navigate to Your Company Dashboard > Settings > Security & Authentication.

  2. Choose any one of the Authentication type and Enable it.

MFA via Authenticator App

  1. Toggle Enable multi factor authentication via authenticator app.

  2. A modal would pop up on your screen, click on the Setup button to initiate MFA process.

  1. You will see a QR code and also a Secret key on the screen.

  1. You can either scan the QR code or enter the Secret Key and manually save it on your Authenticator app. Now you would be able to see theBugBase (username) account in your app.

  2. Click Continue once you have added your account in the Authenticator app.

  3. Enter the 6-digit code from the Authenticator app and click on Verify.

  1. After successful verification, you will be logged out from your account and you will be asked to enter the 6-digit OTP every time you are logging in.

MFA via Email OTP

  1. Toggle Enable multi factor authentication via email.

  2. A modal would pop up on your screen, click on the Setup button to initiate MFA process.

  1. A One-Time Password will be sent to your registered email and Enter the OTP to complete the verification process.

You can disable multi-factor authentication as well from Settings > Security.

⚙️
🔐