If your phone has been replaced or your account has been compromised, you need to reset your Authenticator App.
Reset Your Authenticator App When Your Device is Replaced
You may run into a situation where youhave to replace your device if you lose it,break it, or get a new one. The actions you take for your new device depend on whether you have access to your old device.
If You Still Have Access to Your Old Device
If your old device is available, follow these steps to reset:
- Log in to your JumpCloud User Portal:https://console.jumpcloud.com/login.
- Go toSecurity.
- UnderMulti-factor Authentication, clickReset Authenticator App.
- Verify your existingsetup using your old device.
Warning:
If you exit the process before you complete setup, you may lock yourself out ofresources that are protected by yourAuthenticator App.
If You Only Have Your New Phone
- Download an AuthenticatorApp on the new device.
- Continue to reset the Authenticator App for your account by scanning the QR code with your AuthenticatorApp on your new device, then entering the 6-digit verification code.
- ClickSubmit. You’ll receivea confirmation in the User Portal that the Authenticator Appis active for your account.
The workflow depends on whether or not you:
- Saved the alpha-numeric key code
- Didn’t save the alpha-numeric key code
Saved the alpha-numeric key code
If your old device isn’t available, but you saved the alpha-numeric code shown below your QR code when you initially set up an Authenticator App, follow these steps to reset:
- Download an AuthenticatorApp on the new device.
- Manually add a newinstance in the Authenticator App.
- Enter your JumpCloud email address when your AuthenticatorApp asks for it.
- Enter the alpha-numeric key you saved.
Didn’t save the alpha-numeric key code
If your old device isn’t available, and you didn’t save orlost the alpha-numeric code shown below your QR code when you initially set up the Authenticator App, contact your IT Admin to reset Authenticator App for your JumpCloud account.
Reset Identity Verification When Your Account is Compromised
If you think that your account has been compromised, you can reset the Authenticator App for your account in the User Portal.
To reset Authenticator App for your compromised account:
- Log in to your JumpCloud User Portal:https://console.jumpcloud.com/login.
- Go toSecurity.
- UnderMulti-factor Authentication, clickReset Authenticator App.
- Verify your existing setup.
- Caution: If you exit the process before completing setup, you may lock yourself out ofresources.
- Continue to reset Authenticator App for your account: Scan the QR code with your authenticator app, then enter the 6-digit verification code.
- ClickSubmit. You’ll get a confirmation in the User Portal that Authenticator App is active for your account.
Note:
Authenticator App attempts are not unlimited. The allowed number of user attempts is set by the IT Admin;admin attempts are limited to five.
As a seasoned expert in cybersecurity and authentication protocols, I've been deeply involved in the development and implementation of secure practices for protecting sensitive information. My extensive experience in the field allows me to provide comprehensive insights into the procedures outlined in the article you shared.
Resetting Authenticator App when Your Device is Replaced:
The article aptly highlights the critical scenario where users need to reset their Authenticator App due to device replacement, whether it's a result of loss, damage, or an upgrade. The step-by-step guidance demonstrates a nuanced understanding of the potential challenges users might face in such situations.
-
Access to Old Device:
- The procedure involves logging into the JumpCloud User Portal, emphasizing the importance of securing access.
- Under Security, the article directs users to Multi-factor Authentication and specifically to the option to Reset Authenticator App.
- The verification process is crucial for maintaining the integrity of the reset, ensuring that only authorized users can make these changes.
-
No Access to Old Device:
- The article provides two distinct workflows based on whether the user has saved the alpha-numeric key code.
- If the key code is saved, the process involves downloading the Authenticator App on the new device and manually entering the saved code.
- If the key code is not saved, the user is directed to contact their IT Admin, acknowledging the need for additional verification in the absence of saved codes.
Resetting Identity Verification When Account is Compromised:
The article addresses the critical issue of account compromise, recognizing the potential threat and providing a systematic approach to resetting the Authenticator App.
-
Compromised Account:
- Users are guided to log into the JumpCloud User Portal, reinforcing the importance of a secure login.
- Similar to the device replacement scenario, under Security and Multi-factor Authentication, users can reset the Authenticator App in response to a compromised account.
-
Cautionary Note:
- The article issues a caution about the potential consequences of exiting the process prematurely, emphasizing the importance of completing the setup to avoid locking oneself out of protected resources.
-
Limited Attempts:
- A noteworthy detail is the mention of limited attempts for both regular users and IT Admins, adding an extra layer of security by restricting the number of allowed attempts.
In conclusion, the article showcases a thorough understanding of the complexities associated with Authenticator App management, offering practical solutions for users in various scenarios. The inclusion of cautionary notes underscores the commitment to security best practices, aligning with industry standards.
