Enable two-factor authentication (2FA)

What
Two-factor authentication (2FA) provides extra protection for your account by requiring a second factor (e.g. a code from an app) in addition to your username and password when logging in.

Where
Admin: User management > User.
(Previously under: User > User).


Introduction

Two-factor authentication (2FA) increases the security of your user account. In addition to your username and password, a second factor is requested when logging in (e.g., a code from an authenticator app). This better protects your access against unauthorized use.

There are two ways to use 2FA:
  1. Mandatory: An administrator assigns you the "2FA" user group. You must then set up 2FA the next time you log in.
  2. Voluntary: You can enable or disable 2FA yourself in your profile settings (if it is not set to mandatory) and also set it up again, e.g., to generate new backup codes.


Requirements

  1. User account (administrator permissions are also required if managing users)
  2. To use two-factor authentication, you need a time-based one-time password (TOTP) application.
  3. Recommended: A smartphone app such as Google Authenticator, Microsoft Authenticator, or Authy.
  4. Alternatively: A browser add-on with TOTP (e.g., for Chrome or Firefox). Useful if you prefer to work directly on your PC – but less secure.




Configure 2FA as mandatory for users (Administration)

  1. Log in to the administration area.
  2. Select User management > User.
  3. Create a new user by selecting "Create single user" or select an existing one and click the "Edit" pencil icon to edit the user account.
  4. In the "Assign user group" section, add the "2FA" user group and then click "Save."

Note: Users who belong to the 2FA group will be prompted to set up 2FA the next time they log in. They will not be able to log in to the system until the setup is successfully completed.

If a user is removed from the 2FA user group, 2FA remains active but can be manually deactivated by the user.

If a user has access to neither their authenticator nor their backup codes, an administrator can reset 2FA for that user in user management. The user will be prompted to reconfigure 2FA the next time they log in.





Voluntary 2FA in profile settings

If you are not in the "2FA" user group, you can manage 2FA yourself in your profile:
  1. To do so, go to your Profile > Login data.
  2. Set "Multi-factor authentication" to "Yes."




You have the following options:
  1. Activate and set up.
  2. Deactivate, as long as it is not set as mandatory by the administrator.
  3. Set up again, for example, if you are using a new device or need new backup codes.





Setup

  1. Depending on the configuration, you will be automatically redirected to the 2FA setup page after logging in or when activating it in your profile.

  2. Open your authenticator app or browser extension.
  3. Scan the QR code displayed or enter the key manually.
  4. The app/extension will now generate a 6-digit security code.
  5. Enter this security code and click "Login".

  6. Write down the backup codes.
  7. Check the box "I have noted down the backup codes" and click "Continue".



Information about backup codes

The codes serve as emergency access if you no longer have access to your authenticator app or browser extension—for example, if you lose your smartphone.
  1. Each backup code is valid once and works as a replacement for the 6-digit code from your app/extension.
  2. All backup codes are only displayed once – so it is essential that you make a secure note of them or store them in a password manager.
  3. Once a code has been used, it is no longer valid.
  4. After entering your second-to-last backup code, you will see a message prompting you to set up the system again to obtain new backup codes.
  5. After entering the last backup code, you will be automatically redirected to the 2FA setup page.



Send one-time password by email

If a user has forgotten their password or no longer has access to their account, you can generate a new one-time password and send it to the email address on file.
  1. Open the admin portal and go to User management > User.
  2. Select the user you want to help.
  3. Activate the option "Generate new one-time password and send it by email".
  4. Save the change.
Result:
  1. The user receives an email with a one-time password.
  2. After logging in with this password, they are automatically prompted to set a new, secure password.





Troubleshooting

  1. The QR code does not work → Use the displayed key to enter it manually in the app.
  2. The security code is not accepted → This may be because the time and time zone of the device do not match the system time. Setting this to "Auto" in the settings of your phone/computer may help.
  3. Lost backup codes → Start setup again in the profile settings or contact an administrator.
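
Why a wrong device clock leads to a rejected code, as an added example that is not part of the original article or the product's own code: TOTP codes are derived from the current time, so the server only accepts codes from the time steps it is checking. The example assumes the RFC 6238 defaults (HMAC-SHA1, 30-second step) and a hypothetical server tolerance of one step either side; the product's actual settings are not stated on this page.

```python
import base64
import hashlib
import hmac
import struct

STEP = 30    # seconds per code; assumed RFC 6238 default
DIGITS = 6   # the article states the code has 6 digits

# Constructed sample key: the published RFC 4226/6238 test secret,
# so the resulting codes can be checked against the RFC test vectors.
SECRET = base64.b32encode(b"12345678901234567890").decode()
SERVER_TIME = 165  # constructed sample server clock (Unix seconds)


def totp(secret_b32, unix_time):
    """Return the TOTP code (RFC 6238, HMAC-SHA1) for a given Unix time."""
    key = base64.b32decode(secret_b32.upper())
    counter = int(unix_time) // STEP
    mac = hmac.new(key, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F  # dynamic truncation, RFC 4226 section 5.3
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** DIGITS).zfill(DIGITS)


def verify(secret_b32, code, server_time, window=1):
    """Accept the current step and `window` steps either side (assumed policy)."""
    for drift in range(-window, window + 1):
        expected = totp(secret_b32, server_time + drift * STEP)
        if hmac.compare_digest(expected, code):
            return True
    return False


def accepted_with_skew(skew_seconds):
    """Simulate a device whose clock is off by skew_seconds from the server."""
    device_code = totp(SECRET, SERVER_TIME + skew_seconds)
    return verify(SECRET, device_code, SERVER_TIME)


if __name__ == "__main__":
    # A clock set by hand with the wrong time zone is typically off by
    # whole hours, far outside any tolerance of a few 30-second steps.
    for skew in (0, 20, -40, 90, -120):
        result = "accepted" if accepted_with_skew(skew) else "rejected"
        print(f"device clock off by {skew:+5d} s -> {result}")
```
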





