If you enable 2-factor authentication you will have to enter a randomized passcode in addition to your password when you log into CMS Commander. Since the random passcode changes every minute and can only be known by you this makes it more or less impossible to gain unauthorized access into your account. Even if someone knows your password that is not enough to login.

Please follow these steps to activate 2-factor authentication. Below the post you find several images illustrating the steps.

1. Download and install the free Google Authenticator app. This popular app is developed by Google and will generate your random passcodes. It is available for Apple, Android and Blackberry smartphones as well as for your desktop computer.
   • Android (Requires Android OS 2.1 and up)
   • iPhone, iPod Touch, iPad (Requires iOS 3.1.3 or later)
   • Blackberry (Requires BB10.0 or higher)
   To download the app for your desktop computer you need Mozilla Firefox. In Firefox follow this link and click on the “Free” icon. After that you can start Google Authenticator via Start>Programs>GAuth Authenticator or from within Firefox.
2. Go to the “Choose Sources” page in your CMS Commander account. on the General Settings tab you will find the 2-Factor Authentication with Google Authenticator section. Check the “Active” checkbox and press “Save All Options” to activate 2-factor authentication. Important: Continue to follow the setup steps below or you will not be able to login anymore!
3. This step depends on whether you use your mobile phone or your computer for 2-factor authentication:
   • Smartphones: Press the “Show/Hide QR Code” button. Open the Google Authenticator app in your smartphone, which you installed in step 1. Click on the Options icon (top right) and select Set up account. Choose Scan Barcode and then scan the barcode displayed in your CMS Commander “Options” to save your account to your phone.
   • Computer: If you are using the app on your desktop computer you will have to press the “+” icon and then enter the “Secret Key” exactly as displayed in the CMS Commander “Options” page. For “Account name” you can choose anything.
4. Your Google Authenticator app (either on your phone or in your computer) should now display a random passcode number. This code will change every 30 seconds. When you login to CMS Commander the next time you will be asked to enter the current passcode. When asked for the code simply open the app again on your phone or desktop.

You can disable 2-factor authentication again on the “Options” page at any time. With 2-factor authentication active you need access to the Google Authenticator app on your phone or desktop to log in! Without knowing your passcode you can not login (just like if you forgot your password).

Google Authenticator settings on the CMS Commander “Options” page with QR code visible (after clicking the “Show/Hide QR Code” button)

Desktop app setup: Press the “+” icon to add CMS Commander.

Desktop app setup: Enter the secret code from your CMS Commander “Options” page.

Login with active 2-factor authentication: Enter the current 1-time password in the CMS Commander login form.