Two-factor authentication (2FA) is an added layer of security for your Vonage account. It can be enforced at the account level for all users or individual users can enable it for themselves. Once enabled, a password and six-digit verification code are required to sign in. The code is retrieved from the phone number supplied by each user; a Super User or Administrator cannot set this phone number for their users. To ensure the highest level of security, only the end user can authorize resetting their 2FA phone number. This is to prevent unauthorized access and protect against potential account takeovers. Allowing such changes by an Administrator or Super User could introduce security risks, such as social engineering attacks.

IMPORTANT: 2FA must be enforced on your account if you require international dialing.

NOTE: You cannot use a Virtual or Vonage phone number for verification; instead, your mobile phone number is strongly recommended. We accept mobile numbers in the following countries:

Enforce 2FA at the Account Level

Contact Us to enforce 2FA account-wide. Once enforced, these conditions exist:

• All users who are not signed in with SSO or 2FA at the user level are signed out immediately. On their next sign-in attempt, these users are prompted to enter a phone number that will be used to retrieve their verification code.
• Account-wide enforcement of 2FA cannot be disabled.

To review your account's 2FA status, follow these steps:

1. Sign in to the Admin Portal. 
2. Click Account (left navigation), then click Security Settings.

Set 2FA at the User Level

You can set 2FA at the user level before it is enforced account-wide but this is not required.

• If you set it now, your verification phone number remains in effect once it is set at the account level.
• If you do not set it now, you will be prompted to enter a verification phone number when it is in effect at the account level; this number will be stored for future sign-ins.

To set your verification phone number now: