# Account & Security ## **Multi-Factor Authentication (MFA) with Google Authenticator** Multi-Factor Authentication (MFA) enhances the security of your OCA account by requiring a 6-digit verification code generated from the Google Authenticator mobile app. This guide explains how to activate, use, and reset Google Authenticator as your 2FA method. *** ## **Introduction to MFA** Two-Factor Authentication (2FA) adds an additional verification layer during login, reducing the risk of unauthorized access.\ The supported methods is via **Google Authenticator .** *** ## **Activating Google Authenticator** You can activate Google Authenticator from two entry points: #### **Activation Prompt After Login** Upon logging in, you may see a popup inviting you to enable 2FA. * **Activate Now** → proceed to setup * **Later** → skip for now #### **Activation via Account Settings** Navigate to: `Account Settings → 2 Factors Authentication` You will see available 2FA options.\ Select **Google Authenticator → Activate Method**. *** ## **Google Authenticator Setup Process** The setup consists of **three steps**: ### **Step 1: Install Google Authenticator** Download the Google Authenticator app on your mobile device: * **iOS (App Store)** * **Android (Google Play Store)** Buttons shown: * *Download App for iOS* * *Download App for Android* ### **Step 2: Scan QR Code or Enter Setup Key** On the setup page: * Scan the QR code using your Google Authenticator app\ **or** * Enter the **Setup Key** manually You can copy the key using the **Copy** button. ### **Step 3: Enter the 6-Digit Code** Once added to the app: 1. Open Google Authenticator 2. Copy the 6-digit one-time code 3. Enter it into the field on the screen 4. Click **Submit** Buttons displayed: * **Cancel** * **Submit** #### **Possible Errors** | Condition | Message | | ----------------------- | -------------------------------------------------------------------- | | Code less than 6 digits | *“The code must be 6 digits. Make sure you enter the correct code.”* | | Code invalid | *“Invalid code. Check the code on your mobile app and try again.”* | When an error occurs, the system clears the input automatically. *** ## **Successful Activation** When setup is complete, you will see a confirmation message: #### **“2FA Google Authenticator is Now Active”** * Your account is now protected by Google Authenticator. * A **recovery code** is automatically saved on your device. You may continue by selecting: * **Go to 2FA Settings** * **Close** *** ## **Resetting Google Authenticator** If you need to reset or re-setup Google Authenticator (e.g., new phone, lost access): #### **Start Reset** Navigate to: `Account Settings → 2 Factors Authentication → Reset Method` Screen displayed: **Reset 2FA on Google Authenticator** *** #### **Verify with Password** To ensure security, you must confirm your identity by entering your password. * Input your password * Click **Confirm** **Incorrect password message:**\ \&#xNAN;*“Password is incorrect.”* *** #### **Re-Setup Google Authenticator** You will repeat the same three steps as the original activation: 1. Install the app (if needed) 2. Scan QR code / enter setup key 3. Enter the 6-digit code Click **Submit** to complete. *** ## **Reset Completion** Once finished: #### **“2FA Google Authenticator Re-setup Complete”** A new recovery code is saved to your device. Your 2FA with Google Authenticator is now active again. *** ## **Login Flow with Google Authenticator** When logging in: 1. Enter your email & password 2. You will be prompted to enter the 6-digit Google Authenticator code 3. Enter the code 4. Access granted If code is incorrect, an error will appear and the field will reset. *** ## **Frequently Asked Questions (FAQ)** #### **Q1: Do I need Google Authenticator every time I log in?** Yes. A new verification code will be required for each login session. #### **Q2: Can I use other authenticator apps (e.g., Authy, Microsoft Authenticator)?** No. Only **Google Authenticator** is supported for this feature. #### **Q3: What happens if I lose my phone?** You can use the **recovery code** saved to your device during setup, then reset your Google Authenticator from the 2FA settings. #### **Q4: I clicked “Later” on the activation popup. Can I activate 2FA later?** Yes. Go to:\ `Account Settings → 2 Factors Authentication → Google Authenticator` #### **Q5: Can I switch from Google Authenticator to Email OTP?** No. Switching is not allowed once Google Authenticator is active.\ You must **reset** your Google Authenticator first. #### **Q6: Does the 6-digit code expire?** Yes. Each code refreshes approximately every **30 seconds**. #### **Q7: Can I use the same Google Authenticator code on multiple devices?** No. Each device must scan the QR code individually during setup. *** ## **Troubleshooting Guide** #### **1. “Invalid Code” Error** **Possible causes:** * The code has expired * Incorrect code was entered * Your phone’s time is not synced correctly **Solutions:** * Wait for a new 30-second cycle and re-enter the code * Ensure your phone time is set to **Automatic / Network Time** * Re-scan the QR code by resetting 2FA if needed *** #### **2. “The code must be 6 digits.”** Occurs when: * Only 5 digits entered * Accidentally pasted extra space/character **Fix:** * Re-enter exactly 6 digits * Ensure no whitespace is included *** #### **3. Cannot Scan QR Code** **Possible reasons:** * Camera permissions disabled * Poor lighting * Low-resolution display **Fix:** * Enable camera permissions * Increase screen brightness * Use the **Setup Key** instead of scanning *** #### **4. Password Incorrect During Reset** **Fix:** * Re-enter your password carefully * Ensure Caps Lock is off * Reset your account password if forgotten *** #### **5. Lost Access to Google Authenticator** If you can’t access your device: **Use recovery code** stored at activation\ or\ Contact your system administrator to request manual reset. *** #### **6. QR Code Not Updating During Re-Setup** **Fix:** * Refresh the page * Ensure stable internet * Try private/incognito mode *** #### **7. Code Not Appearing on Google Authenticator** **Fix:** * Ensure the account entry was added correctly * Re-add using setup key * Reset 2FA if the issue persists --- # Agent Instructions This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com. ## Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.ocaindonesia.co.id/oca-api/panduan-oca-api/account-and-security.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.