Enforcing 2FA for all users in an account
Accounts with at least one Site on a plan can enforce 2FA on the Organizational level.
Two-factor authentication (2FA) is a security process in which users provide two different authentication factors to verify their identity. 2FA is a form of multi-factor authentication (MFA) that adds an additional layer of security to your Hotjar account.
- How 2FA works
- Supported authentication apps
- How to enable 2FA
- How to disable 2FA
- How to store recovery codes
- How to use recovery codes
- Two-factor authentication FAQs
Two-factor authentication (2FA) is not available for customers who sign in with SAML SSO
Users who sign in with SAML SSO will not have access to two-factor authentication.
How 2FA works
2FA is an extra step added to the login process to help secure your account. A common example of this is having a code sent to your mobile device that you enter when logging in, to help verify your identity. Another method is using an authentication app which automatically regenerates a code after a certain time period, to be entered during login.
Hotjar supports the second method of authentication mentioned above, which requires an authentication app to be installed on a device you have with you. Recovery codes are also provided in case you lose the ability to use the authentication app.
Supported authentication apps
Any 2FA authentication app that supports time-based, one-time passwords should work with Hotjar 2FA. Some examples of 2FA authentication apps include:
- Google Authenticator
- Authy
- Microsoft Authenticator
- LastPass Authenticator
How to enable 2FA
1. Go to your My Details page.
2. Under the Account Security heading, click Enable Two-Factor Authentication.
3. If prompted, click on Verify email address to receive a verification code by email. Otherwise continue to Step 5 below.
4. To complete email address verification, enter the code we've sent to your email address.
5. Scan the QR code using your supported authentication app and click on Next.
   Your authentication app will start generating time-based codes for Hotjar.
6. Inside Hotjar, enter the current six-digit code your app generates, then click Next.
7. Download or Print your recovery codes and store them securely.
How to disable 2FA
1. Go to your My Details page.
2. Under the Account Security heading, click Disable Two-Factor Authentication.
3. Click on Disable two-factor authentication to confirm.
How to store recovery codes
We strongly recommend both printing your recovery codes and storing them in a secure location, such as inside a password manager. If you lose access to your authentication app and can’t generate a 2FA code, you’ll need your recovery codes to log in.
How to use recovery codes
1. Enter your Hotjar credentials on the Login page.
2. When asked to enter an authentication code, click Enter a recovery code.
3. Enter one of your 10-character codes and click Verify to be logged in.
Two-factor authentication FAQs
- I no longer have access to the authentication app/device or recovery codes, what can I do to log in?
- Can I have more than one authentication app registered with a single team member’s login?
I no longer have access to the authentication app/device or recovery codes, what can I do to log in?
If you can’t access your authentication app/device and you also don’t have your recovery codes, contact our Support team using the Contact us button below for further help.
Can I have more than one authentication app registered with a single team member’s login?
Only a single authentication app can be used at a time for any given Team Member.