Activating two-factor authentication (2FA)¶

This page explains how to install an authenticator app and activate time-based one-time passwords (TOTP) for your account.

What you need¶

• Your account login (username/email + password)
• An authenticator app on a phone or computer
• A few minutes of uninterrupted setup time

Choose an authenticator app¶

Any app that supports TOTP (RFC 6238) should work.

List of authenticator apps¶

• Ente Auth
  • Installation: https://ente.io/auth/
    • available on desktop (Windows / Linux / MacOS) and mobile (Android / iOS)
  • Help: https://ente.io/help/
• Microsoft Authenticator
  • Installation:
    • Android: https://play.google.com/store/apps/details?id=com.azure.authenticator&hl=en
    • iOS: https://apps.apple.com/us/app/microsoft-authenticator/id983156458
  • Help: https://support.microsoft.com/en-us/authenticator/about-microsoft-authenticator
• Google Authenticator
  • Installation:
    • Android: https://play.google.com/store/apps/details?id=com.google.android.apps.authenticator2&hl=en
    • iOS: https://apps.apple.com/us/app/google-authenticator/id388497605
  • Help: https://support.google.com/accounts/answer/1066447?hl=en&co=GENIE.Platform%3DAndroid
• Authy
  • Installation:
    • Android: https://play.google.com/store/apps/details?id=com.authy.authy
    • iOS: https://apps.apple.com/us/app/twilio-authy/id494168017
  • Help: https://support.authy.com/

Activate 2FA for ZODIAC Observatory¶

1. After logging in to the ZODIAC observatory, you are automatically redirected to the "Activate Authenticator App" page.
2. You will see a QR code and an Authenticator secret.
   • Option B: Scan QR code via the authenticator app on your smartphone
   • Option A: Enter the authenticator secret into your desktop authenticator app.
3. The app will start showing 6-digit (or 8-digit) codes that change every few seconds.
4. Enter the current code into the “Authenticator code” field and submit.

If the code is rejected, see troubleshooting below.

Important: save your recovery options¶

After enabling 2FA, you are offered recovery codes.

• Store them somewhere safe (e.g., a password manager)
• Do not save them in plain text in shared locations
• Treat them like passwords: anyone with them may be able to access your account

Troubleshooting¶

“Incorrect code” / code never works¶

• Wait for the next code and try again (codes can expire quickly).
• Make sure you scanned the QR code for the correct account.
• Ensure the device clock is correct (enable automatic time / network time).

Lost phone / deleted app¶

• Use recovery codes if available.
• Otherwise, contact your administrators/support team for account recovery.

Security tips¶

• Prefer an authenticator solution you can back up (securely) to avoid lockouts.
• Protect your authenticator app with a device lock (PIN/biometrics).
• Do not share screenshots of QR codes or secret keys.