# How to enable two-factor authentication at the Hideez Enterprise Server? {% hint style="info" %} This guide explains how to enable two-factor OTP (One-Time Password) authentication for accessing the Hideez Enterprise Server (HES) web interface. To enable OTP for other websites, you must configure the appropriate settings on those sites. {% endhint %} *** ### **Enabling 2FA for Admin Accounts** #### **Step 1:** In the top-right corner of the window, click on the **profile icon** and select **Profile** from the drop-down list.

#### **Step 2:** In the Profile section, go to **One-Time Password** and click on the **Add OTP App** button.

#### **Step 3:** Follow the on-screen instructions to set up 2FA.

You can use [**Hideez Authenticator**](https://enterprise.hideez.com/hideez-authenticator-app) as the OTP generation application. #### **Step 4:** After successfully enabling two-factor authentication, you will be prompted to save your **recovery codes**. You will receive 10 recovery codes, each consisting of 8 characters. These can be used in case you are unable to generate an OTP code. {% hint style="warning" %} **Important:** Save these recovery codes in a secure place. {% endhint %} Two-factor authentication is now configured, and you can use it with your OTP application. *** ### **Using Hideez Key for OTP Generation** If you want to use the [**Hideez Key** to generate OTPs](https://enterprise.hideez.com/use-cases/hideez-key/password-manager-and-otp-generator#enabling-otp-input-for-your-accounts), when creating your admin account, enter the **Secret Key** provided during the OTP setup in the corresponding field. ![](https://content.gitbook.com/content/RdTysrljwe610dPFG7tE/blobs/jNzPEIPLz5hCsDikimte/image.png) The **Secret Key** is a 32-character value provided in **Step 3**. \ [Learn more about creating accounts via Hideez Client](https://enterprise.hideez.com/hideez-client-app/account-management/account-creation). \ [Learn more about creating accounts on HES](https://enterprise.hideez.com/hideez-enterprise-server/accounts/how-to-work-with-personal-employee-accounts). \ [How to enter credentials with the Hideez key](https://enterprise.hideez.com/hideez-key-enterprise-edition/how-to-enter-credentials-with-hideez-key). *** ### **Disabling 2FA on HES** #### **Step 1:**
Go to the **Profile** tab and locate the **One-Time Password** section. Click **Disable 2FA**. ![](https://content.gitbook.com/content/RdTysrljwe610dPFG7tE/blobs/SwQogfcfvZyouIH9Xjc8/2fa%20on%20hes3.jpg) #### **Step 2:**
Confirm the action to disable two-factor authentication. {% hint style="info" %} Two-factor authentication is now disabled, but you can enable it again at any time. {% endhint %} *** ### **Resetting Recovery Codes** When you disable and then re-enable 2FA, your recovery codes will be reset. {% hint style="info" %} **Note:** If you reset the OTP app without disabling 2FA, the recovery codes will **not** be reset. {% endhint %} *** ### **Logging In with a Recovery Code** If you cannot enter the OTP code during login, you can use a recovery code. #### **Step 1:**
Enter your login and password. #### **Step 2:**
Click on the **One-Time Password** button. #### **Step 3:**
Click **Log in with a recovery code**.

#### **Step 4:**
Enter one of your previously saved recovery codes and click **Login**.

*** {% hint style="info" %} This completes the setup and usage guide for two-factor authentication on Hideez Enterprise Server. {% endhint %}