FAQ: Multi-factor Authentication
Answers to frequently asked questions on Backstage MFA
1 reader recommends this article
Frequently asked questions
- Q. How can I recover my account that is secured by multi-factor authentication?
- Q. Can ForgeRock remove the multi-factor device from my account?
- Q. I’ve recently lost/changed the phone that I registered as my multi-factor authentication device, how can I register a new one?
- Q. Why am I not receiving an SMS message when attempting to recover my account via the secondary recovery method?
- Q. How do I get my recovery codes?
- Q. How can I reduce the risk of being locked out of my account protected by multi-factor authentication?
- Q. How do I get past the “waiting for a response” page when authenticating?
Q. How can I recover my account that is secured by multi-factor authentication?
If you've lost access to your account due to multi-factor authentication, please follow the instructions outlined in this article to regain access Backstage Account Recovery.
Q. Can ForgeRock remove the multi-factor device from my account?
No, it's not possible for a ForgeRock employee to remove the multi-factor device from your account until all the steps in Backstage Account Recovery have been completed.
Q. I’ve recently lost/changed the phone that I registered as my multi-factor authentication device. How can I register a new device?
Please follow these steps to register a new device:
- If you have access to your account, then login and continue to step 2. If you do not have access to your account, then you'll need to regain access before continuing the steps outlined here. Detailed instructions on how to recover your account can be found in this article Backstage Account Recovery.
- Navigate to the authentication settings page.
- On the list of devices, find the device you wish to remove.
- Click the pencil icon to enable editing.
- Click the trash can icon to remove it.
- You'll be asked to enter your password.
- On the same page, scroll down to the bottom and select a new multi-factor method to register.
More details can be found here: Updating multi-factor authentication settings
Q. Why am I not receiving an SMS message when attempting to recover my account via the secondary recovery method?
The SMS message is sent to the phone number associated with your Backstage account and there could be a few different reasons why it's not being received:
- The number could be a landline. The SMS service relies on the recipients' ability to handle SMS messages.
- You no longer have access to the supplied number.
- The country code could be missing from the start of the number.
- Some mobile carriers occasionally reject messages from our SMS provider.
In this situation please contact backstagehelp.forgerock.com for help.
Q. How do I get my recovery codes?
When you registered your device, you were shown a set of 10 recovery codes to write down and keep in case you get locked out of your account. ForgeRock will never send recovery codes to a Backstage user via email or any other way. If you have access to your account, it is possible to generate new recovery codes if you've lost them by going to your Backstage profile.
Q. How can I reduce the risk of being locked out of my account protected by multi-factor authentication?
Here are some helpful tips to reduce the risk of getting locked out of your Backstage account:
- When registering a device, always write down recovery codes and store them in a safe place.
- Registering multiple devices so that if you lose one device you have another to fall back to.
- During the recovery process, it's possible that you'll have to rely on the phone number and email address that are associated with your Backstage account, so make sure that they are both up-to-date and correct.
Q. How do I get past the “waiting for a response” page when authenticating?
This page is shown during the authentication flow after successfully entering your username and password. It indicates that the page is waiting for you to accept the push notification that has been sent to the ForgeRock app on the device that you registered during MFA setup. If you no longer have the ForgeRock app, the account is missing under “My accounts”, or you don't remember setting up push authentication, please follow the steps outlined in these articles to gain access to your account and remove the device: