Skip to main content

Securing an account with two-factor authentication

Stephanie R.
Updated

Learn about the two-factor authentication (2FA) methods we offer and how to enable them.

OVHcloud offers tools to optimize security for your account and services. You can enable two-factor authentication (2FA). This authentication is added to your username/password pair and is managed from a device you own: a phone, tablet, or security key.

This guide will help you:

 

Requirements

 

Instructions

You can enable one or more two-factor authentication methods to secure and control access to your OVHcloud Control Panel. We offer three different methods:

Click each tab across the top to view all content.
 

For this method, you will need to install an OTP application on your Android or iOS smartphone or tablet. Many OTP applications exist (no OTP applications have been developed by OVHcloud) and can be downloaded from the Google Play Store for Android or the Apple Store for iOS. The following two applications are free:

  • FreeOTP for Android
  • OTP Auth for iOS

Once the application is linked to your OVHcloud account, the application generates a single-use code that is valid for a short time (a few seconds) each time you try to log in.

Advantages of this method:

  • Once you have linked the application to your account for the first time, you no longer need to be connected to the internet on your smartphone/tablet for the codes to be generated.
  • You can use a single OTP application for all of your services or sites that require two-factor authentication.

For this method, you must have a U2F physical key that you plug into a USB port on your computer each time you log in to your OVHcloud account. The authentication is then carried out automatically.

This method offers a higher level of security as it is based on independent security equipment, totally separate from your computer, smartphone, or tablet, and is less exposed to the risk of hacking.

When you configure two-factor authentication (via Mobile App or Security Key) for the first time, you will see 10 single-use backup codes displayed in the Control Panel.

This two-factor authentication method complements an already activated method (via Mobile App or Security Key). It cannot be activated alone.

Each time you try to log in, you can enter one of the 10 single-use codes. It is essential to always have at least one remaining backup code. Remember to regenerate them via the OVHcloud Control Panel if you have used all of them, or if you have lost them.

 

Step 1: Enable your first two-factor authentication method

From the OVHcloud Control Panel:

  1. Click your name and then your initials in the upper-right corner.
  2. Select the Security tab.
  3. Click the Enable two-factor authentication button.

Account_OCP_2FA01.png

 

A pop-up window will appear to guide you through the remaining steps. On the first screen, click Next.

Account_OCP_2FA02.png

 

Select a method for two-factor authentication and click Next.

Account_OCP_2FA03.png

 

Follow the instructions on the screen to link your mobile device or U2F security key to your account.

  • Mobile App: Scan the QR code or click the Secret Key button to connect your mobile device. Then enter the One-Time Password (OTP) into the Code field.

  • Security Key: Insert your U2F security key into the USB port of your device. If it has a button, press it.

    NOTE: A pop-up window will open, prompting you to validate the key. If you don't see this window appear, make sure your browser isn't blocking pop-ups.

Account_OCP_2FA04.png

 

Once the key is recognized, you can also add a description. Click Next to continue.

You can also add other devices/methods to give you multiple ways of logging in to your account.

 

Step 2: Save backup codes

When you add two-factor authentication for the first time, will see 10 single-use backup codes displayed in the OVHcloud Control Panel.

Please keep them safe. We recommend saving them in a password manager, such as KeePass or Bitwarden (both applications are free).

NOTE: It is critical that you save these backup codes and ensure that they are valid. If you don't have a security code and your phone/smartphone/tablet or security key is lost or stolen, access to your Control Panel and your services may be blocked.

Account_OCP_2FA05.png

 

You can regenerate or delete backup bodes from your Control Panel:

Account_OCP_2FA06.png

 

Two-factor authentication is now enabled! Click Confirm to finish.

Account_OCP_2FA07.png

 

Step 3: Log in to the OVHcloud Control Panel with two-factor authentication

Go to the OVHcloud login page and enter your Customer Code or primary email address and password.

The login screen displays the last two-factor authentication method used or entered. If you would like to use another method, click Try another method.

Account_OCP_2FA08.png

 

All the methods you have enabled will then appear, including the backup codes method.

Account_OCP_2FA09.png

 

If you choose Use a backup code, you will only need to use one of your backup codes.

Account_OCP_2FA10.png

 

What do I do if I lose one of my devices, or if it stops working?

If your device (mobile phone/smartphone/security key) is lost, stolen, or no longer works, you can:

NOTE: If one of your devices has been lost or stolen, this can compromise the security of your OVHcloud account. Once you regain access to your Control Panel, you must remove this device from the list of devices used for two-factor authentication.

 

Remove a device linked to two-factor authentication

NOTE: Before removing a device, and to avoid blocking access to your account, please check that you have:

  • Another functional device,
  • Another functional two-factor authentication method, or
  • Valid backup codes.

To remove a device, log in to the OVHcloud Control Panel. Navigate back to the Security tab as described above.

Click on the more options ... button to the right of the device you want to delete, and finally, click Delete.

Account_OCP_2FA11.png

 

A final validation code will be sent to the device you want to delete. Enter it into the pop-up window that appears and click Confirm.

NOTE: Removing a single device does not disable two-factor authentication on your OVHcloud account.

 

Disabling two-factor authentication completely

If you still have access to the OVHcloud Control Panel

To completely disable two-factor authentication on your OVHcloud account, you will need to delete all of the devices entered as well as disable the emergency codes.

To remove each device, please refer to the section above.

Once you have removed all of your devices, disable the emergency codes by clicking the Disable 2FA codes button. You will need to enter one of your backup codes as confirmation.

Account_OCP_2FA12.png

 

If you no longer have access to your OVHcloud Control Panel

If you no longer have valid devices and if you no longer have emergency codes, you can request that two-factor authentication be disabled by contacting our support teams.

Before contacting us, you must gather the following documents:

OVHcloud account type Needed documents
Private individual
  • Proof of identity (identity card, driver's license, passport) mentioning full name, date of birth, and expiry date, in the name of the OVHcloud account holder.
Company
  • Company registration documents
  • Proof of identity (identity card, driver's license, passport) mentioning full name, date of birth, and expiry date, in the name of the OVHcloud account holder, or in the name of the person authorized to represent the company.

 

Once you have gathered your supporting documents, contact our OVHcloud support team.

NOTE: Your documents must be sent to us from an email address registered in your OVHcloud account.

After verifying your documents, a support agent will manually disable two-factor authentication on your OVHcloud account.

 

Go further

For more information and tutorials, please see our other My Account support guides or explore the guides for other OVHcloud products and services.

Related articles