Account & Security

Multi-Factor Authentication (MFA) with Google Authenticator

Multi-Factor Authentication (MFA) enhances the security of your OCA account by requiring a 6-digit verification code generated from the Google Authenticator mobile app. This guide explains how to activate, use, and reset Google Authenticator as your 2FA method.

Introduction to MFA

Two-Factor Authentication (2FA) adds an additional verification layer during login, reducing the risk of unauthorized access. The supported methods is via Google Authenticator .

Activating Google Authenticator

You can activate Google Authenticator from two entry points:

Activation Prompt After Login

Upon logging in, you may see a popup inviting you to enable 2FA.

• Activate Now → proceed to setup

• Later → skip for now

Activation via Account Settings

Navigate to:

Account Settings → 2 Factors Authentication

You will see available 2FA options. Select Google Authenticator → Activate Method.

Google Authenticator Setup Process

The setup consists of three steps:

Step 1: Install Google Authenticator

Download the Google Authenticator app on your mobile device:

• iOS (App Store)

• Android (Google Play Store)

Buttons shown:

• Download App for iOS

• Download App for Android

Step 2: Scan QR Code or Enter Setup Key

On the setup page:

• Scan the QR code using your Google Authenticator app or

• Enter the Setup Key manually

You can copy the key using the Copy button.

Step 3: Enter the 6-Digit Code

Once added to the app:

1. Open Google Authenticator

2. Copy the 6-digit one-time code

3. Enter it into the field on the screen

4. Click Submit

Buttons displayed:

• Cancel

• Submit

Possible Errors

When an error occurs, the system clears the input automatically.

Successful Activation

When setup is complete, you will see a confirmation message:

“2FA Google Authenticator is Now Active”

• Your account is now protected by Google Authenticator.

• A recovery code is automatically saved on your device.

You may continue by selecting:

• Go to 2FA Settings

• Close

Resetting Google Authenticator

If you need to reset or re-setup Google Authenticator (e.g., new phone, lost access):

Start Reset

Navigate to:

Account Settings → 2 Factors Authentication → Reset Method

Screen displayed: Reset 2FA on Google Authenticator

Verify with Password

To ensure security, you must confirm your identity by entering your password.

• Input your password

• Click Confirm

Incorrect password message: “Password is incorrect.”

Re-Setup Google Authenticator

You will repeat the same three steps as the original activation:

1. Install the app (if needed)

2. Scan QR code / enter setup key

3. Enter the 6-digit code

Click Submit to complete.

Reset Completion

Once finished:

“2FA Google Authenticator Re-setup Complete”

A new recovery code is saved to your device.

Your 2FA with Google Authenticator is now active again.

Login Flow with Google Authenticator

When logging in:

1. Enter your email & password

2. You will be prompted to enter the 6-digit Google Authenticator code

3. Enter the code

4. Access granted

If code is incorrect, an error will appear and the field will reset.

Frequently Asked Questions (FAQ)

Q1: Do I need Google Authenticator every time I log in?

Yes. A new verification code will be required for each login session.

Q2: Can I use other authenticator apps (e.g., Authy, Microsoft Authenticator)?

No. Only Google Authenticator is supported for this feature.

Q3: What happens if I lose my phone?

You can use the recovery code saved to your device during setup, then reset your Google Authenticator from the 2FA settings.

Q4: I clicked “Later” on the activation popup. Can I activate 2FA later?

Yes. Go to: Account Settings → 2 Factors Authentication → Google Authenticator

Q5: Can I switch from Google Authenticator to Email OTP?

No. Switching is not allowed once Google Authenticator is active. You must reset your Google Authenticator first.

Q6: Does the 6-digit code expire?

Yes. Each code refreshes approximately every 30 seconds.

Q7: Can I use the same Google Authenticator code on multiple devices?

No. Each device must scan the QR code individually during setup.

Troubleshooting Guide

1. “Invalid Code” Error

Possible causes:

• The code has expired

• Incorrect code was entered

• Your phone’s time is not synced correctly

Solutions:

• Wait for a new 30-second cycle and re-enter the code

• Ensure your phone time is set to Automatic / Network Time

• Re-scan the QR code by resetting 2FA if needed

2. “The code must be 6 digits.”

Occurs when:

• Only 5 digits entered

• Accidentally pasted extra space/character

Fix:

• Re-enter exactly 6 digits

• Ensure no whitespace is included

3. Cannot Scan QR Code

Possible reasons:

• Camera permissions disabled

• Poor lighting

• Low-resolution display

Fix:

• Enable camera permissions

• Increase screen brightness

• Use the Setup Key instead of scanning

4. Password Incorrect During Reset

Fix:

• Re-enter your password carefully

• Ensure Caps Lock is off

• Reset your account password if forgotten

5. Lost Access to Google Authenticator

If you can’t access your device:

Use recovery code stored at activation or Contact your system administrator to request manual reset.

6. QR Code Not Updating During Re-Setup

Fix:

• Refresh the page

• Ensure stable internet

• Try private/incognito mode

7. Code Not Appearing on Google Authenticator

Fix:

• Ensure the account entry was added correctly

• Re-add using setup key

• Reset 2FA if the issue persists