This guide explains how to enable two-factor authentication to secure your Infomaniak account login (and therefore access to kSuite tools, hosting, etc.).

Introduction

• This two-step validation, also known as multi-factor / two-factor authentication (2FA), protects access to your Infomaniak account by:
  1. the password of your choice
  2. and a second method of identity verification, such as a code obtained on your mobile device.
• If a malicious person were to decipher or steal your password, they would still need a validation code that only the legitimate user can obtain on their mobile device.
• Refer to this other guide if you are an administrator of an Organization and want to enforce 2FA for all users who have not yet enabled it.

Enable two-step validation

To increase the security level of your Infomaniak account:

1. Click here to log in and access the two-factor authentication management on the Infomaniak Manager.
2. Once logged in, you can choose a 2FA method:
   
   1. the kAuth app for iOS / Android devices
   2. another method

Choose the validation method

In section a above, you can download and configure the iOS/Android app kAuth (please refer to this other guide for more information):

• It allows you to receive a push notification YES / NO to authorize or deny login to your Infomaniak account.
• It also generates a one-time use code, including offline, to allow login.
• If another Infomaniak app (Mail, Euria, kDrive, etc.) is installed and your user ID is also logged in, the authorization request will be made through that app; please refer to this other guide for more information.

In section b above, you can choose to configure another method from the following:

1. any OTP application (such as Authy, for example) to obtain a one-time use code,
2. YubiKey (from Yubico); please refer to this other guide for more information,
3. SMS (only for CH / FR / BE / DE countries) to obtain a one-time use code.

Then, click the button to add the method and follow the information displayed on the screen to complete the configuration.

Be careful with existing synchronizations

Once two-factor authentication is enabled, to access certain tools (such as CardDAV/CalDAV synchronization), you need to create application passwords.

There is no need to call Infomaniak, as they do not have any of your codes or passwords. For any assistance regarding 2FA, please refer to this other guide.

Change the default option or remove one

If you have enabled multiple verification methods (SMS, OTP application, etc.), you can define which one will be offered by default during each login.

1. Click here to log in and access the two-factor authentication management on the Infomaniak Manager.
2. Click the button to set it as default.
3. Click the trash can to remove and no longer offer the selected method:
   

To completely remove 2FA, please refer to this other guide.

Authenticate each time the browser opens

To prevent cookies from being saved when closing browser windows, and therefore to require authentication each time you access the Infomaniak Manager when you restart your browser…

… on Chrome

Specify the address [*.]infomaniak.com in the Google Chrome settings (chrome://settings/content/siteData – paste this into the address bar, or consult the official documentation):