Merge pull request #453 from ByteInternet/update-how-to-use-2fa

Update: How to use 2FA

Author: ikidnapmyself

docs/services/control-panel/how-to-use-2fa-on-the-control-panel.md

@@ -13,46 +13,53 @@ redirect_from:
 
 # How to Use 2FA on the Control Panel
 
-Two factor authentication, also known as two-step verification, is a more secure way of logging in than logging in with just a password, because everyone receives a unique code to log in. In this article we explain how to use two factor authentication on the Control Panel.
+Two-Factor Authentication (2FA), also called two-step verification, adds an extra layer of security to your Hypernode Control Panel account. Instead of signing in with only a password, you also confirm your identity with a one-time code from your authentication app.
 
-How 2FA Works:
+This makes it significantly harder for unauthorized users to access your account, even if your password is compromised.
 
-- You'll need access to your mobile device when signing in to the Control Panel.
-- You'll enter a verification code each time you sign in. You can also select the **Remember this device for 30 days** option to receive a verification code prompt only once every 30 days.
-- You'll need a verification app to receive the verification code.
+## How 2FA Works:
 
-## How to Enable 2FA
+- You need access to your mobile device when signing in.
+- After entering your password, you are asked for a 6-digit verification code.
+- The code is generated by an authentication app on your phone.
+- You can choose **“Remember this device for 30 days”** to avoid entering a code on that device for the next 30 days.
 
-First, you need to download and install an authentication app. A few options are Google Authenticator, Duo Mobile, 1Password or Authy.
+## What You Need Before Enabling 2FA
 
-Then, you can turn on 2FA for your Hypernode Control Panel:
+You must install an authentication app on your mobile device. Common options include:
 
-1. Sign in to the Hypernode Control Panel.
-1. Hover over your username in the upper right corner.
-1. Click on Account settings.
-1. Click**Manage 2FA** to manage your 2FA settings.
-1. Click the **Activate 2FA**button and click on **Start now**.
-1. Add a new account in your authentication app. In most apps, you can do this by tapping the + icon.
-1. Scan the QR code by using your device's camera. If you prefer, you can choose to enter the code by hand.
-1. On Hypernode's 2FA configuration page, enter the 6-digit verification code that your authentication app generates.
-1. To finish, click **Confirm**.
+- Google Authenticator
+- Okta Verify
+- Duo Mobile
+- Authy
+- 1Password
 
-You'll receive an email when you enable 2FA and this will also be shown in the logs.
+Any app that supports time-based one-time passwords (TOTP) will work.
 
-## How to Disable 2FA
+## How to Enable 2FA
 
 1. Sign in to the Hypernode Control Panel.
-1. Hover over your username in the upper right corner.
-1. Click on Account settings.
-1. Click**Manage 2FA** to manage your 2FA settings.
-1. Click on **Disable Two-Factor Authentication** and enter the verification code to confirm.
+1. Hover over your username in the top-right corner.
+1. Select **Account settings**.
+1. Click **Manage 2FA**.
+1. Scan the QR code using your authentication app. You can also choose to enter the setup key manually.
+1. Enter the 6-digit verification code generated by your app.
+1. Click **Confirm** to finish setup.
 
-You'll receive an email when you disable 2FA and this will also be shown in the logs.
+Once enabled, you will receive a confirmation email and the action will be logged in your account activity.
 
-## Troubleshooting
+## Disabling 2FA
+
+For security reasons, 2FA can no longer be disabled directly from the Control Panel.
 
-### Backup Codes
+If you need to disable 2FA, please contact Hypernode Support at **support@hypernode.com**.
+
+## Recovery from Lost Authentication App
+
+If you lose access to your authentication app, contact **support@hypernode.com** for assistance.
+
+## Troubleshooting
 
-If you lose your phone or you've deleted your authentication app, you can use one of the backup codes to sign in. Each code can only be used once. Your backup codes were provided at the time you set up 2FA, but you can always find them on your Account page. We highly recommend you to save these codes somewhere safe.
+### Cannot Verify TOTP Code
 
-If you receive a verification code you didn't request, there is a possibility that there's been an attempt to compromise your account. We recommend accessing your account and changing your password as soon as possible. If you lose access to your 2FA code generator, contact support@hypernode.com.
+If you cannot verify the TOTP code, and getting "Entered token is not valid." message, please check your time settings on your mobile device. TOTP codes are time-sensitive, and incorrect time settings can lead to verification failures. If your device time is incorrect, you can try to sync it with the Internet.