• Security Features and Setup >
• Two Factor Authentication

Two Factor Authentication

Enable Two Factor Authentication (2FA) on a Atlas account to require a verification code in addition to the username and password associated with the account. The verification code can be retrieved from a limited number of sources and is typically something an authorized user has physical access to. With 2FA, a compromised username and password does not provide immediate access to the account.

Atlas provides the following sources for 2FA verification codes:

Text Messages (SMS)

When Atlas prompts the user for a verification code, Atlas sends the 6-digit verification code using text (SMS) to the provided phone number.

The cellular carrier’s SMS rates apply.

Automated Voice Calls (US / Canada only)

When Atlas prompts the user for a verification code, Atlas calls the provided phone number. An automated system repeats the 6-digit verification code a total of three times before hanging up.

The cellular carrier’s Voice Call rates apply.

The Google Authenticator application

When Atlas prompts the user for a verification code, the user generates a verification code through Google Authenticator. Requires pairing Google Authenticator to Atlas.

Note

Atlas users who operate within a geographic region with limited cellular service coverage or reliability may encounter delays in receiving the 2FA code via SMS or Voice. Consider using Google Authenticator instead.

Configure Two-Factor Authentication with Text or Voice

1

In Atlas, click on your username in the top-right hand corner and select Account.

2

Click Enable 2FA for Two Factor Authentication.

When prompted, enter your password for verification and click Verify to continue.

If you are modifying an existing 2FA configuration, click the edit button for Two Factor Authentication. Atlas requires entering a 2FA verification code to continue.

3

Configure Voice/SMS Authentication.

1. Click Primary Method
2. Click Voice/SMS Number.
3. Enter your preferred phone number in the text entry.
4. Select your preferred method of receiving codes:
   • Text Message (SMS)
   • Voice Call (US / Canada Only)
5. Click Verify once you have configured your Voice/SMS authentication settings. Atlas sends a verification code based on your chosen method. Once you receive the verification code, enter it into the provided text entry box one digit at a time.

Atlas automatically verifies the code and saves your settings.

Configure Two-Factor Authentication with Google Authenticator

1

Install Google Authenticator.

• For Android devices, install Google Authenticator via the Play Store. Search for Google Authenticator.
• For iOS devices, install Google Authenticator via the App Store. Search for Google Authenticator.
• For Blackberry devices, you must have OS 4.5 - 7.0 and use US English as the operating language to use Google Authenticator. Visit https://m.google.com/authenticator to download and install the application.

2

Run Google Authenticator.

3

Click Begin Setup.

4

When prompted, select how you will enter the shared private key.

Under Manually Add an Account, select one of the following options:

• Scan a barcode

  Choose this option if your phone supports scanning barcodes.

• Enter provided key

  Choose this option if your phone does not support scanning barcodes, or if you prefer to enter a key.

5

In Atlas, click on your username in the top-right hand corner and select Account.

6

Click Enable 2FA for Two Factor Authentication.

When prompted, enter your password for verification and click Verify to continue.

If you are modifying an existing 2FA configuration, click the edit button for Two Factor Authentication. Atlas requires entering a 2FA verification code to continue.

7

Configure Atlas for Google Authenticator.

1. Click Primary Method

2. Click Google Authenticator.

3. Pair the Google Authenticator app with Atlas.

   • If your smartphone supports scanning barcodes, then scan the barcode using the Google Authenticator application.
   • Alternatively, click Can’t scan the barcode?. Atlas displays the Atlas account name and a key. Enter the key into Google Authenticator using the Enter provided key option.

   Once configured, the Google Authenticator app can produce a 6-digit code for use with Atlas 2FA.

4. Enter the Google Authenticator code into Atlas

Atlas automatically verifies the code and saves your settings.

Configure Backup Two Factor Authentication Phone Number

You can configure a backup phone number for receiving 2FA codes if the primary method fails or is unavailable.

If you have not yet enabled 2FA for the Atlas account, do so before proceeding. See Configure Two-Factor Authentication with Text or Voice or Configure Two-Factor Authentication with Google Authenticator.

1

In Atlas, click on your username in the top-right hand corner and select Account.

2

Click the edit button for Two Factor Authentication.

Atlas requires a 2FA verification code to continue.

3

Configure a backup phone number.

1. Select Add a Backup Phone.
2. Enter your preferred phone number in the text entry.
3. Select your preferred method of receiving codes:
   • Text Message (SMS)
   • Voice Call (US / Canada Only)
4. Click Verify once you have configured your Voice/SMS authentication settings.
5. Click Save Changes.

Generate New Recovery Codes

Atlas can generate single-use recovery codes for use where all other methods of accessing the account fail. When you generate new recovery codes, you invalidate previously generated ones.

If you have not yet enabled 2FA for the Atlas account, do so before proceeding. See Configure Two-Factor Authentication with Text or Voice or Configure Two-Factor Authentication with Google Authenticator.

1

In Atlas, click on your username in the top-right hand corner and select Account.

2

Select the edit button for Two Factor Authentication.

The edit button is displayed in Atlas using a pencil icon.

3

Select Show Recovery Codes.

Reset Two Factor Authentication

Important

Resetting 2FA for an Atlas account disables 2FA for that account. You can re-configure 2FA after performing the reset procedure.

1. Log in to Atlas.

2. From the 2FA entry dialog, select Reset your two factor authentication.

3. Select Atlas user? Click here at the bottom of the Reset Two Factor Authentication modal.

4. Enter your Atlas username. Atlas emails a link to the e-mail account associated with the Atlas username.

   Click the link in the e-mail to start the 2FA reset procedure.

5. Follow the directions on the 2FA reset page. After completing the reset procedure, Atlas allows you to log in to the Atlas account without requiring a 2FA code.

←   Set up VPC Peering Connection Connect to a Cluster  →

© MongoDB, Inc 2011-2017. MongoDB, Mongo, and the leaf logo are registered trademarks of MongoDB, Inc.