How to set-up your two-factor authentication (2FA) on your SDP account

Owned by Jo Tayler
Last updated: 09 Oct, 2024 by Jo Tayler
3 min read

Two-factor authentication (2FA) increases the security of our CMS by requiring a single-use code in addition to your password.

SDP is rolling out this feature gradually. We’ll notify all users by email before the launch of 2FA on your CMS.

How to set up 2FA

Next time you log in to your CMS account, you’ll be required to set up 2-factor authentication.

  1. Navigate to your CMS login screen (e.g. content.vic.gov.au).

  2. Enter your username and password and click ‘Log in’.

  3. You’ll see a warning message ‘You need to enable two-factor authentication’.

    image-20240910-064051.png

  4. Scroll down and click on the ‘Enable two-factor authentication via email’ link. You’ll be asked to enter your password again and click the Confirm button.

    image-20241009-055239.png

  5. Tick the checkbox and click the Save button.

  6. The screen will change to show ‘TFA enabled’. You can now start working in the CMS.

How to log in using TFA

  1. The next time you log in, after entering your username and password and clicking the Log in button, you’ll see the following screen. You’ll see that the Verify button is greyed out. Click the Email me a verification code button. The screen will refresh and the Verify button will now be blue and available.

  2. Leave the CMS login browser tab open and go to your mail app/site to find the email with the code. Copy the code into the ‘Authentication code’ field and click on the Verify button.

  3. If you didn’t enter the code from your email before it expired, you can click the Resend button.

  • Each code sent to your email is set to expire after 10 minutes.

  • Each code expires after it is used.

Your email address must be current in your CMS account

Before you set up your 2FA, it’s important that your user account has your current email address.

You can check and update this by clicking on your username at the top of the screen and then Edit profile.

Troubleshooting and getting help

Failed validation limit reached

You get 6 attempts within a 5-minute period to get your 6-digit 2FA verification code correctly.

If you get all 6 attempts wrong, you will see:

Error message:

Failed validation limit reached. 6 wrong codes in 5 min. Try again later.

If you reach the validation limit:

  1. Wait 5 minutes.

  2. Go to your CMS log in screen and try again.

    1. Refreshing or trying to log in again on the page you received the ‘failed validation limit’ page will result in a ‘page not found’ error.

If you are still receiving the ‘failed validation limit reached’ message after waiting 5 minutes, fill out an SDP support request. Be descriptive in your request so we can assist you as quickly as possible. 

Â