Only Administrators can enable two-factor authentication (2FA). 

LogRhythm recommends using Google Authenticator for SHA1 and Free OTP for SHA256 or SHA512.

When 2FA is enabled in your tenant, all users are required to enroll their mobile device using your organization's authentication application. To enroll a mobile device:

  1. During the first log in after 2FA is enabled, scan the QR code in the authentication application on your mobile device.

    The authentication application provides a 6-digit timed one-time passcode (TOTP).
  2. Enter the 6-digit code, and then click Log in.
    The user's mobile device is assigned to their profile.
  3. During subsequent logins, enter the TOTP generated by the authentication application.

The user can view their 2FA status in the Authentication tab of the My Account page. 

  1. To view the My Account page, click the User Menu icon, and then click My Account.