Support Center

Using Multi-factor Authentication with Your JumpCloud User Account

Has your IT administrator requested that you set up Multi-factor Authentication (MFA) for your JumpCloud account? Do you need to reset MFA for your account after you get a new device or if you think your account has been compromised? Get the answers to your MFA questions here. What is Multi-factor Authentication?

Multi-factor Authentication (MFA) means that you use more than one method of authentication to access a resource. JumpCloud MFA requires that in addition to your account credentials you provide a time-based one-time password (TOTP) to access resources protected by MFA. You get your TOTP from apps like Google Authenticator and Duo Mobile.

Where do I get a TOTP application for MFA?

Download one of the following TOTP apps:

  • Google Authenticator
  • Duo Mobile
  • FreeOTP
  • Yubico Authenticator for Desktop (for use with YubiKey)
How do I set up MFA for my JumpCloud user account?

Did you receive an email from your IT admin that asks you to set up MFA for your JumpCloud account? Or after logging in to your JumpCloud User Portal, were you prompted to set up MFA while you’re in an enrollment period? Learn how to do that in this section.

Before you set up MFA for your account, be sure to download a TOTP application for MFA.

To set up MFA for your JumpCloud account:

  1. Log in to your JumpCloud User Portal: https://console.jumpcloud.com/login.
  2. The User Portal detects that you are in an enrollment period and prompts you to set up MFA. Click CONTINUE.
  1. Scan the QR code with your TOTP app, then enter the 6-digit verification code provided to you by your TOTP app.

Tip: You can copy the alpha-numeric key shown beneath the QR code and store it in a secure place. This code can be used if you replace your device for any reason.
  1. Click SUBMIT. You’ll get a confirmation in the User Portal that MFA is active for your account.

If you decide to quit MFA setup before you finish and are in an active enrollment period, you’ll see a prompt of the number of days you have left in your enrollment and you’ll continue to be prompted to set up MFA when you log in to your User Portal.

You can start the setup process again from the prompt you see after logging in. If you don’t complete MFA setup before the enrollment period expires, your account will be locked and you’ll have to get your IT admin to unlock it.

In addition to the prompt at login, you can also see the number of days you have left in your enrollment period and set up MFA from the Security page in your User Portal.

I haven’t received a request from IT admin to set up MFA, can I set it up anyway?

Yes! You can set up MFA even if your IT admin hasn’t yet requested you to do so. Before you set up MFA for your account, be sure to download a TOTP application for MFA.

To proactively set up MFA for your JumpCloud account:
  1. Log in to your JumpCloud User Portal: https://console.jumpcloud.com/login.
  2. Go to SECURITY.
  1. In Multifactor Authentication, click SETUP MFA.
  2. Scan the QR code with your TOTP app, then enter the 6-digit verification code provided to you by your TOTP app.


Tip: You can copy the alpha-numeric key shown beneath the QR code and store it in a secure place. This code can be used if you replace your device for any reason.
  1. Click SUBMIT. You’ll get a confirmation in the User Portal that MFA is active for your account.
How do I log in with MFA?

If your IT admin has required MFA and you have successfully set it up for your account, you’ll log in with MFA.

Note about TOTPs:

TOTP codes are valid for 60 seconds. Your TOTP app will show a new code every 60 seconds. If your code expires before it is validated, enter the next code your TOTP shows.

Logging in to your JumpCloud User Portal with MFA

To log in to your JumpCloud User Portal with MFA:
  1. Go to your JumpCloud User Portal: https://console.jumpcloud.com/login.
  2. Enter your username and password, then click USER LOGIN.
  3. You’re prompted to enter an MFA verification code.
  1. Open your TOTP app to get a TOTP code.
  2. Enter the 6-digit code your TOTP app shows for JumpCloud User.
Logging in to your Mac computer with MFA

To log in to your Mac computer with MFA:
  1. Select your user account.
  2. Enter your JumpCloud password.
  3. Open your TOTP app to get a TOTP code.
  4. Enter the 6-digit code your TOTP app shows for JumpCloud User.


Logging in to your Linux computer using SSH and MFA

To log in to your Linux system using SSH and MFA:
  1. Open your terminal, then run the ssh command with username@ipaddress as the argument. For example, $ ssj auser@192.168.1.1
  2. Enter your JumpCloud password.
  3. Open your TOTP app to get a TOTP code.
  4. Enter the 6-digit code your TOTP app shows for JumpCloud User.
  5. Press Enter (Windows) or Return (Mac).

Launching Single-Sign On applications with MFA

If you launch an SSO application from your User Portal and your session is active, you'll automatically be logged in to the SSO app.
If you launch an SSO application from your User Portal and your User Portal session isn’t active, you’ll be directed to a login screen that looks like the User Portal Login. From there,

  1. Enter your username and password, then click USER LOGIN.
  2. You’re prompted to enter an MFA verification code.
  3. Open your TOTP app to get a TOTP code.
  4. Enter the 6-digit code your TOTP app shows for JumpCloud User.
What happens if I replace my device?

Chances are at some point you’ll have to replace your MFA device if you lose or break it, or get a new one. The actions you take for your new device depend on whether you have access to your old device. How to reset MFA if you have access to your old device

If your old device is available, follow these steps to reset your MFA:
  1. Download a TOTP app on the new device.
  2. Log in to your JumpCloud User Portal: https://console.jumpcloud.com/login.
  3. Go to SECURITY.
  4. In Multifactor Authentication, click RESET MFA.
  1. Verify your existing MFA setup using your old device.
Caution: If you exit the process before you complete setup, you may lock yourself out of resources that are protected by MFA.
  1. Continue to reset MFA for your account: Scan the QR code with your TOTP app on your new device, then enter the 6-digit verification code provided to you by your TOTP app.
Tip: You can copy the alpha-numeric key shown beneath the QR code and store it in a secure place. This code can be used if you replace your device for any reason.
  1. Click SUBMIT. You’ll get a confirmation in the User Portal that MFA is active for your account.
How to set up MFA on your new device if you don’t have access to your old device Saved the alpha-numeric key code

If your old device isn’t available, but you saved the alpha-numeric code shown below your QR code when you initially set up MFA, follow these steps to reset your MFA:

  1. Download a TOTP app on the new device.
  2. Manually add a new MFA instance in the TOTP app.
  3. Enter your JumpCloud email address when your TOTP app asks for it.
  4. Enter the alpha-numeric key you saved.
Didn’t save the alpha-numeric key code

If your old device isn’t available, and you didn’t save or have lost the alpha-numeric code shown below your QR code when you initially set up MFA, contact your IT admin to reset your MFA for your JumpCloud account. After your IT admin resets MFA for your account, you’ll go through the process in: How do I set up MFA for my JumpCloud user account?

How do I reset MFA for my JumpCloud user account?

If you think that your account has been compromised, you can reset MFA for your account in the User Portal.

To reset MFA for your compromised account:
  1. Log in to your JumpCloud User Portal: https://console.jumpcloud.com/login.
  2. Go to SECURITY.
  3. In Multifactor Authentication, click RESET MFA.
  1. Verify your existing MFA setup.
Caution: If you exit the process before completing setup, you may lock yourself out of resources that are protected by MFA
  1. Continue to reset MFA for your account: Scan the QR code with your TOTP app, then enter the 6-digit verification code provided to you by your TOTP app.
Tip: You can copy the alpha-numeric key shown beneath the QR code and store it in a secure place. This code can be used if you replace your device for any reason.
  1. Click SUBMIT. You’ll get a confirmation in the User Portal that MFA is active for your account.
     
Learn more about your JumpCloud user account:
 

Last Updated: Jun 03, 2019 12:45PM MDT

Related Articles
desk-forwarding@jumpcloud.com
http://assets2.desk.com/
false
desk
Loading
seconds ago
a minute ago
minutes ago
an hour ago
hours ago
a day ago
days ago
about
false
Invalid characters found
/customer/en/portal/articles/autocomplete