Two-Factor Authentication (2FA) User Guide
Two-Factor Authentication (2FA) with a U2F Key
Two-factor authentication (2FA) helps secure and protect your MaxMind account by adding an additional layer of security. We currently support 2FA with security keys that are compliant with the FIDO U2F standard (e.g. Yubikey). After you set up 2FA, access to your MaxMind account will require your password and security key. You may register up to 5 security keys.
You must set up a recovery method before you can enable 2FA. The supported recovery method is a set of one-time access codes. This will allow you to access your account with a code in the event your security key is lost or damaged.
How to Set-up 2FA
- From your Account Portal page, select “Two-Factor Authentication” from the left hand navigation menu.
- Register a security key by clicking on “Register New Key” under “Manage Security Keys”.
- Enter a unique name for your security key.
- Insert the U2F device and press the button on your device to complete registration. If registration is successful, the key will appear along with the date of registration.
- Set up a recovery method: one-time access codes
- Click on “Generate recovery codes”
- Copy down the set of five codes for storage in a separate and secure place then click “Next” to complete setup.
- When 2FA is successfully enabled for your account, you will see a notification banner at the top of the Two-Factor Authentication page saying 2FA is active.
Who can set-up 2FA?
Any MaxMind user with login credentials to access a MaxMind account can set-up 2FA. Note that 2FA is set-up at the user-level and not at the account-level, meaning every user of an account will have to individually set-up 2FA to fully secure the account.
Is 2FA required?
No, activating 2FA is optional for each person that has login access to a MaxMind account. We recommend using 2FA help secure and protect your MaxMind account.
Can an account admin require 2FA for all account users?
No, each account user will have to set-up 2FA themselves.
Can an account admin deactivate 2FA for account users?
No, an account user has to deactivate 2FA themselves.
How do I deactivate 2FA?
Select “Two-Factor Authentication” from the left hand navigation menu in the Account Portal, then click the “Deactivate” button towards the bottom of the page.
If you have any questions, please contact us at firstname.lastname@example.org.