Setting up Two-factor Authentication (2FA) with Google Authenticator

Strengthening Your Account with Two-Factor Authentication (2FA)

In the current landscape of cloud security, a password alone is often not enough. Two-Factor Authentication (2FA) acts as a digital deadbolt for your Alfrolia Cloud account. By requiring a second "factor"—something only you possess—you ensure that even if your password is compromised in a breach, your data remains inaccessible to intruders.

[!TIP] Why it matters: 2FA effectively neutralizes the risk of 99% of bulk automated attacks. It is the single most effective step you can take to protect your infrastructure.

Prerequisites

Before you begin, ensure you have a Time-based One-Time Password (TOTP) app installed on your mobile device. For 2026, we recommend:

Sentinel Authenticator: (Recommended) Features zero-knowledge cloud backups.
Google Authenticator: Now supports encrypted synchronization with your Google Account.
Microsoft Authenticator: Ideal for users already integrated into the Microsoft ecosystem.
Authy: Great for multi-device support.

Step-by-Step Setup

Setting up 2FA only takes about two minutes. Follow these steps to secure your account:

Navigate to Account Settings: Sign in to your Alfrolia account and head to Manage Profile.
Enable TOTP: Locate the Two-factor authentication (TOTP) section and click Enable.
Prepare your App: Open your chosen authenticator app on your phone and select "Add account" or the + icon.
Scan and Pair: Use your phone’s camera to scan the QR code displayed on your Alfrolia dashboard.

If your camera isn't working, click "Enter key manually" and type in the provided alphanumeric string.

Final Verification: Your app will generate a 6-digit code. Enter this code into the Alfrolia verification box and click Verify.

Managing Recovery Codes: Your "Break Glass" Plan

Once 2FA is active, Alfrolia will generate a set of Recovery Codes.

This is the most critical step of the setup. If you lose your phone or the app is deleted, these codes are the only way to regain access without a lengthy manual identity verification process with our support team.

Store them digitally: Save them in a secure password manager (like Bitwarden or 1Password).
Store them physically: Print a copy and keep it in a secure location, like a physical safe.
Never share them: Alfrolia employees will never ask for your recovery codes.

Troubleshooting & Common Issues

Issue	Likely Cause	Solution
Invalid Code	Time desync	Ensure your phone's time is set to Set Automatically. Codes are time-sensitive.
Lost Device	App inaccessible	Log in using one of your Recovery Codes and reset your 2FA settings.
Missing Codes	Never saved them	If you are still logged in, go to Security and click Regenerate Codes.

Best Practices for Cloud Security

Mandatory for Admins: If you manage a team on Alfrolia, we strongly recommend requiring 2FA for all users with "Administrator" or "Billing" privileges.
The "New Phone" Routine: When upgrading your device, always use the app’s "Transfer" feature before wiping your old phone.
Avoid SMS 2FA: While Alfrolia supports various methods, TOTP apps (like the ones listed above) are significantly more secure than SMS-based codes, which can be intercepted via SIM-swapping.

Strengthening Your Account with Two-Factor Authentication (2FA)​

Prerequisites​

Step-by-Step Setup​

Managing Recovery Codes: Your "Break Glass" Plan​

Troubleshooting & Common Issues​

Best Practices for Cloud Security​