Two Factor Authentication (with Mobile Authenticator)

Mist extends its cloud security capability for organizations by adding the option of a Two-factor Authentication for every login attempt.  Take advantage of this component by downloading an authenticator app, such as Google Authenticator. Please note that this two factor authentication can only be set up with an authenticator app, and does not support SMS or email two factor authentication at the moment.  After this is set up, you can now have an additional layer of security when accessing your Mist account.

Go into My Account and select the checkbox labeled “Enable Two Factor Authentication.”

You will be prompted with a QR code and a request for a generated token.  Make sure you have an authenticator installed on your mobile device to enable this feature.  In our example, we are using the Google Authenticator app.  Click here to download it to your Android or iOS device.  

Once installed, open up the application and Scan barcode.  After scanning the QR code, you will have access to the generated token, which will be refreshed periodically.  Enter this code to finish the setup process.  Now, in addition to your password, you will also be prompted for the Authenticator token on sign in.

 

With two factor authentication enabled, this is how your login process will look like:

1. Enter your password to login to your Mist account.

 

2. After the system verifies that your password is correct, you will be prompted for the code sent to your authenticator app on your mobile device.

 

3. Enter the code shown on your authenticator app to complete the login process.

 

How do I reset Two Factor Authentication?

Did you get a new mobile device and lose your two factor authentication for Mist? Follow the below steps to reset your authentication for your new mobile device using our API.

  1. If you do NOT know your account password…
    1. From the Sign in page, click the Forgot your password? link
    2. Reset your password
    3. Open the recovery link in your email
  2. If you already know your account password…
    1. Sign into your account.
    2. Note: you will be prompted with the two factor authentication verification.  Ignore this and continue onto the next step
  3. In the same browser, open https://api.mist.com/api/v1/self and PUT the following payload to bypass the Two Factor Authentication:
    PUT /api/v1/self
    
    {
    
    "two_factor_required": false
    
    }
  4. You are now logged into your account. Using the same https://api.mist.com/api/v1/self page, PUT the following payload to disable Two Factor Authentication:
    PUT /api/v1/self
    
    {
    
    "enable_two_factor": false
    
    }