Replicon logo

Help Employees & Supervisors

Setting up your multi-factor (2-step) authentication method

Multi-factor authentication (MFA) is an extra layer of protection for your account beyond a password, in case your password is in some way compromised.

There are two methods of MFA available in Polaris:

  • Temporary one-time password (TOTP)
    With this method, you’ll need to install a third-party authentication app on your cell phone or other device, and will then enter a code generated by this app when you log in. This is generally considered to be more secure than email authentication.
  • Email authentication
    With this method, when you try to log in, you will be emailed a code that you’ll need to enter into the login field before you can finish logging in.

Your administrator can set up email authentication for you, and you may be able to set up both methods yourself.

To enable an MFA method:

  1. Click User Settings or the icon located in the bottom, left-hand corner of the page, and click Settings.
  2. Choose the Security tab on the page that displays.
  3. Click Add Authentication Method.
  4. Select either the Email or the Authenticator Application (TOTP).

For email authentication…

  1. Enter the email address where you want verification codes to be sent.
  2. Click Add Email Authentication.


  1. Ensure you have a third-party authenticator set up on your device.
  2. In Polaris, update the account name, if desired. This name is only used to differentiate this instance of TOTP from any additional TOTP methods you set up, so you can name it anything.
  3. Click Next.
  4. Open the authenticator app on your device and scan the QR code.
If you can’t scan it – say, if you're using an authenticator installed on your desktop – click Can’t scan the QR code?. The authenticator application will display a six-digit code. Enter this code in the field in Polaris.
  1. Click Add Authentication Application.

Now, on the schedule your administrator defined, you’ll be required to authenticate using the method you set up.

You can set up as many methods as you like – for example, both email and TOTP, or multiple email addresses.


What TOTP authenticators are supported?

We support a number of third-party authenticators, including Google Authenticator, Microsoft Authenticator, FreeOTP, LastPass Authenticator, and Authy. You can download these apps at the Play store or the App store.

Do I have to go through 2-step authentication every time I log in to Polaris?

This depends on how your administrator has set up your system. They may require you to use 2-step authentication every time you log in, or on some rarer frequency (say, once a month).

What happens if I try to log in using a different device than usual?

MFA authentication is device-specific, so you’ll be prompted to use an MFA method when you use a new device for the first time after MFA is set up. Then, you'll need to use it at the frequency set by your administrator, for each device.

Why can’t I revoke an MFA authentication method?

If you can’t revoke your MFA method, your administrator has likely made MFA mandatory in your user profile. If it is mandatory, you must always have at least one method in effect. So, if you’re trying to replace a method, set up the new method before revoking the old one.

Why do I get a Please add an Authentication Method error when I log in?

Your administrator has likely made use of MFA mandatory. Therefore, you must set up a method before you’ll be able to fully access Polaris.

Related topics

What does 2 Step Verification mean when I’m logging in?
Using single sign on with Polaris