Setting up multi-factor authentication

Set up multi-factor authentication (MFA) to add another layer of security to your IBM® Sovereign Core account.

Before you begin

Ensure you meet the these requirements:

  • You have a valid user account in IBM Sovereign Core
  • You have successfully logged in with your username and password
  • You have completed the initial password setup or password reset process
  • You have a mobile device or authenticator application that supports time-based one-time passwords (TOTP)

About this task

Multi-factor authentication is mandatory for IBM Sovereign Core users. MFA requires you to provide a second form of verification in addition to your password, therefore enhancing account security. After you complete the initial login and optional biometric authentication setup, you are prompted to configure MFA.

Important: Some functional IDs may be excluded from MFA challenges by administrators through the mfa-exclusion-group user group. However, MFA setup is still required for these accounts even though MFA verification is not required during login.

Procedure

  1. From your web browser, log in to IBM Sovereign Core using your username and password.
  2. Optional: If prompted to set up biometric authentication, choose whether to enable it.
    You can select Yes to set up biometric authentication or No to skip this optional step. Biometric authentication is optional, but MFA is mandatory.
  3. When prompted to set up two-factor authentication (2FA), follow the on-screen instructions.
    The system displays a QR code and setup instructions for configuring your authenticator application.
  4. Open your authenticator application on your mobile device.
    Common authenticator applications include Google Authenticator, Microsoft Authenticator, Authy, or any TOTP-compatible application.
  5. In your authenticator application, scan the QR code displayed on the screen.
    Alternatively, you can manually enter the setup key if your authenticator application does not support QR code scanning.
  6. Enter the verification code generated by your authenticator application into the verification field on the screen.
  7. Click Verify or Submit to complete the MFA setup.

Results

You have successfully set up multi-factor authentication. Each time you log in to IBM Sovereign Core, you are prompted to enter a verification code from your authenticator application after entering your password.

What to do next

Keep your authenticator application accessible on your mobile device. You need to provide a verification code from this application each time you log in to IBM Sovereign Core.

Tip: Save your backup codes in a secure location. If you lose access to your authenticator application, you can use backup codes to regain access to your account.