All Collections
Command
Users and Permissions
Activate 2FA for Your Command Account
Activate 2FA for Your Command Account

Learn more about Verkada's built-in option for 2-Factor Authentication (2FA)

Updated this week

Set up your Verkada Command account

To use 2-Factor Authentication (2FA), we recommend that you ensure that your account is properly setup:

  1. If you haven't already done so, create your Command account.

  2. At the bottom left, select your organization name and click My Account.

  3. Edit your account name, phone number, password, and activate two-factor authentication.

Enforce organization-wide 2FA

Verkada Command offers Organization Admins (Org Admins) the ability to enforce 2FA for all users in the organization.

  1. In Verkada Command, go to All Products > Admin.

  2. Select Privacy & Security.

  3. Toggle on Enforce 2FA.

Once 2FA is enforced at the organization level:

  • Existing users will be required to set up 2FA at the next login.

  • New users will be required to set up 2FA in the process of setting up their new Verkada Command user account.

Enable 2FA on individual user accounts

You can also enable 2FA on individual user accounts, for an increased security guarantee.

  1. On the My Account page (next to Two-Factor Authentication), select Enable.

  2. Click Add (next to the preferred type of 2FA). Select 1 or more options:

    • Authenticator app: You will receive verification codes from a third-party app.

    • Security Key or Biometric authenticator: Insert a security key, such as a Yubikey, touch a fingerprint reader, or use a different device based biometric authenticator to log in.

    • SMS [available only in older Command organizations]: You will receive one-time verification codes sent to your phone number.

  3. Re-enter your password to proceed.

  4. Complete the respective setup to have your account be 2FA secured.

Authenticator app

With 2FA by an authenticator app, you will see the 6-digit code automatically generated. This code expires every 30 seconds, so you need to check this app for the new 6-digit authentication code each time you log in.

  1. When you select the authenticator app, you are given a one-time QR code for setup.

  2. Scan the QR code with your authenticator app.

  3. Your app will generate a 6-digit code.

  4. Enter the 6-digit code provided by the app and click Verify.

For help with adding a QR code, contact the app's vendor for details.

Security key or biometric authenticator

With 2FA via security key or biometric authenticator, you can set up both device-specific verification methods, such as TouchID, FaceID, and external security keys, such as a YubiKey, or phone, as a passkey.

  1. When you select Security Key or Biometric Authenticator, your browser prompts you to set up a method of your choice.

  2. You can select from different device-specific options and external security keys, such as a YubiKey.

  3. Verify using the selected method.

Notes:

  • You can set up multiple security keys/biometric authenticators for the same account, as long as they use different devices.

  • Security keys and biometric authenticators are currently not supported by the Verkada Command mobile app.

SMS

With 2FA via SMS, you will receive a 6-digit code in a text message.

  1. Enter your phone number (this can be the same as, or different from, the number used for notifications).

  2. Enter the 6-digit code you received and click Verify.

Disable 2FA

If you get a new phone, change your phone number, no longer use the device setup as your biometric authenticator, or delete your authenticator app, you'll need to disable 2FA to avoid getting locked out of your account.

  1. On the My Account page (next to Two-Factor Authentication), click Change.

  2. After you confirm your password, click Disable. You can also remove the different 2FA methods that you have set up.

If you no longer have access to the 2FA app and are not signed in, contact your Org Admin and they can assist with resetting 2FA for your account.

Note: If an Org Admin has turned on 2FA, org-wide users will be required to have a minimum of 1 authentication method setup.

Disable and reset a user's 2FA

If you lose or misplace your authentication device and are locked out of your account, you need to contact your Org Admin to have 2FA disabled on your account. Org Admins can reset your 2FA as follows:

  1. In Verkada Command, go to All Products > Admin.

  2. Under Org Settings, click Users and choose the email of the locked-out user.

  3. At the top right, click Control Login.

  4. View and delete the different 2FA methods setup by the user.

  5. Click Reset 2FA to delete all 2FA methods and click Done to confirm the change.

Related resources

Need more help? Contact Verkada Support

Did this answer your question?