diff --git a/docs/two-factor-auth/2fa-disable.md b/docs/two-factor-auth/2fa-disable.md new file mode 100644 index 0000000..4dd2248 --- /dev/null +++ b/docs/two-factor-auth/2fa-disable.md @@ -0,0 +1,20 @@ +## Disabling Two-Factor Authentication (2FA) + + +### Disable TOTP + +1. Log in to your SimpleLogin account using your browser. +2. Locate the "Two Factor Authentication" section in the account settings. +3. Click on the "Disable TOTP" button to initiate the process. You will be prompted to enter your account password. +4. Click on the "Submit" button to verify your identity. +5. Click on the "Disable TOTP" button to confirm. + +## Disabling WebAuthn (FIDO) + +1. Locate the "Security Key (WebAuthn)" section in the account settings. +2. Click on the "Manage WebAuth" button to initiate the process. +3. You will be directed to the "Manage Your Security Key" page. +4. Find and click the "Unlink" button next to the security key you wish to unlink. + +**Disabling Two-Factor Authentication (2FA) or WebAuthn (FIDO) reduces the security of your account. We strongly recommend reactivating 2FA to protect account against unauthorized access.** +**Be reminded to re-activate 2FA later or consider using WebAuthn (FIDO) for enhanced security.** diff --git a/docs/two-factor-auth/2fa-setup.md b/docs/two-factor-auth/2fa-setup.md new file mode 100644 index 0000000..1aa8e75 --- /dev/null +++ b/docs/two-factor-auth/2fa-setup.md @@ -0,0 +1,27 @@ +## Enable Two-Factor Authentication (2FA) + +To begin the setup process: + +1. Log in to your SimpleLogin account using your browser. +2. Head to the "Settings" section located in the top-right corner of your dashboard. +3. Navigate to the "Security" or "Security Settings" tab to configure your authentication options. + +## Authenticator App Setup + +1. Locate the "Two Factor Authentication" option. +2. Press "Setup TOTP" button to enable 2FA. You will have to enter your account password for security verification. +3. Select a 2FA application on your phone or PC (e.g., Proton Pass, Aegis) +4. Scan the provided QR code or manually enter the secret key into the app. +5. Retrieve the 6-digit token generated by the authenticator + +## Security Key Authentication Setup + +1. Locate the "Security Key (WebAuthn)" option. +2. Click on "Setup WebAuth" to initiate the Security Key setup process. +3. Provide a name for your key (required) for easy identification. +4. Click on "Register Key" to complete the registration process. You shoud follow your browser instructions to register your security key with SimpleLogin. + +## Recovery codes + +After setting up 2FA, you will see recovery codes. Store recovery codes in a safe and easily accessible location, considering using a secure physical drive (recommended) or password manager. Be aware that each recovery code is single-use and can't be used several times. +We recommend to keep track of used and unused codes to maintain account accessibility. diff --git a/mkdocs.yml b/mkdocs.yml index 57fdb3d..cf3448f 100644 --- a/mkdocs.yml +++ b/mkdocs.yml @@ -49,6 +49,9 @@ nav: - Anti-phishing: getting-started/anti-phishing.md - Other email alias service: getting-started/compatibility-email-alias.md - Troubleshooting: getting-started/troubleshooting.md + - Two factor authentication: + - Enabling 2FA: /two-factor-auth/2fa-setup.md + - Disabling 2FA: /two-factor-auth/2fa-disable.md - Custom Domain: - Add a Custom Domain: custom-domain/add-domain.md - Manage your domain: custom-domain/manage-domain.md