How to use Multifactor Authentication (MFA)
Multifactor authentication provides extra layers of security. In addition to your password (the first factor), other factors (such as TOTP and passkeys) are required to access your account.
You can enable Multifactor Authentication (MFA) on your Scaleway account for enhanced security. Even in the event of a leaked password, your account is protected.
Two MFA methods are available:
- Time-based one-time password (TOTP) - method through which you access your account using a unique, time-based validation code generated by an app.
- Passkey - secure authentication method that eliminates the need to create, manage, or remember passwords.
Before you start
To complete the actions presented below, you must have:
- A Scaleway account logged into the console
How to enable TOTP
To use TOTP on your account, you first need to download an authenticator tool. Once configured, TOTP apps display a constantly rotating set of codes to use with your different accounts when you are prompted for one during login. Popular TOTP apps include:
- Download the app of your choice and install it onto your smartphone.
- Go to your Account Security page.
- Click Set up TOTP, in the Multifactor authentication section. A pop-up displays.
- Enter the code shown on the pop-up into your MFA app, or scan the QR code into your app. Your app sets up MFA for your Scaleway account and displays a 6-digit code.
- Enter the 6-digit authentication code given by your app into the box, then click Submit.
- Download or copy the backup codes shown, and store them in a safe place. These codes will be the only way to regain access to your account without your TOTP app.
TOTP MFA is now enabled on your account.
Next time you log in to your Scaleway account, you will be prompted for a TOTP code. Use your TOTP app to get the code and enter it in the Scaleway console.
How to update TOTP
If you no longer have access to the device on which you set up your TOTP, you can update your TOTP information and set it up again via the Scaleway console.
Before you start
To complete the actions presented below, you must have:
- Owner status or IAM permissions allowing you to perform actions in the intended Organization
- Enabled TOTP on your account
- Go to your Account Security page.
- Click Update TOTP, in the Multifactor authentication section. A pop-up displays.
- Enter the code shown on the pop-up into your MFA app, or scan the QR code into your app. Your app sets up TOTP for your Scaleway account and displays a 6-digit code.
- Enter the 6-digit code given by your app into the pop-up box, and click Submit.
- Download or copy the backup codes shown, and store them in a safe place. These codes will be the only way to regain access to your account without your TOTP app.
How to delete TOTP
- Go to your Account Security page.
- Click Delete TOTP, in the Multifactor authentication section. A pop-up displays.
- Type DELETE in the box to confirm, then click Delete TOTP.
TOTP is now disabled on your account.
How to enable passkeys
A passkey is a passwordless authentication method that allows you to securely log in to apps and websites through public-key cryptography. Passkeys at Scaleway are supported by the WebAuthn standard.
When you enable a passkey, your authenticator tool generates a public/private key pair. The private key stays securely on your device while the public key is sent to Scaleway.
When you log in, Scaleway sends a challenge to your device. Your device uses the private key to sign the challenge. Scaleway verifies the response using the public key.
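The challenge-response exchange described above, as an added example in Node.js that is not Scaleway's code. It is simplified from WebAuthn (real WebAuthn uses CBOR/COSE encodings and performs more checks); the origin and all function names are hypothetical.

```javascript
// Added illustration of a passkey challenge-response, simplified from WebAuthn.
const nodeCrypto = require('node:crypto');

const ORIGIN = 'https://console.example.test'; // constructed origin, not a real endpoint
const sha256 = (data) => nodeCrypto.createHash('sha256').update(data).digest();

// Registration: the authenticator creates the key pair; only the public key leaves the device.
function registerPasskey() {
  return nodeCrypto.generateKeyPairSync('ec', { namedCurve: 'prime256v1' }); // NIST P-256
}

// Login, server side: issue a fresh random challenge for this attempt only.
function newChallenge() {
  return nodeCrypto.randomBytes(32).toString('base64url');
}

// Login, device side: sign authenticatorData || SHA-256(clientDataJSON) with the private key.
function signAssertion(privateKey, challenge, origin) {
  const clientDataJSON = Buffer.from(JSON.stringify({ type: 'webauthn.get', challenge, origin }));
  const authenticatorData = sha256(new URL(origin).hostname); // simplified: RP ID hash only
  const signed = Buffer.concat([authenticatorData, sha256(clientDataJSON)]);
  const signature = nodeCrypto.sign('sha256', signed, privateKey);
  return { clientDataJSON, authenticatorData, signature };
}

// Login, server side: check challenge and origin, then the signature with the stored public key.
function verifyAssertion(publicKey, expectedChallenge, assertion) {
  let clientData;
  try { clientData = JSON.parse(assertion.clientDataJSON.toString('utf8')); } catch { return false; }
  if (clientData.type !== 'webauthn.get') return false;
  if (clientData.challenge !== expectedChallenge) return false; // replayed or stale response
  if (clientData.origin !== ORIGIN) return false;               // signed for a different site
  const signed = Buffer.concat([assertion.authenticatorData, sha256(assertion.clientDataJSON)]);
  return nodeCrypto.verify('sha256', signed, publicKey, assertion.signature);
}

// Constructed run: one valid login and three responses the server must reject.
function demo() {
  const { publicKey, privateKey } = registerPasskey();
  const challenge = newChallenge();
  const good = signAssertion(privateKey, challenge, ORIGIN);
  const otherSite = signAssertion(privateKey, challenge, 'https://console.example.invalid');
  return {
    valid: verifyAssertion(publicKey, challenge, good),
    replayed: verifyAssertion(publicKey, newChallenge(), good),
    wrongOrigin: verifyAssertion(publicKey, challenge, otherSite),
    wrongKey: verifyAssertion(registerPasskey().publicKey, challenge, good),
  };
}
console.log(demo());
```

Because the server stores only the public key and each challenge is used once, a leaked server database or a captured login response does not let anyone sign a later challenge.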
Before you start
To complete the actions presented below, you must have:
- Owner status
- Set up a password manager on your device
- Go to your Account Security page.
- Click + Add passkey, in the Multifactor authentication section. A pop-up displays.
- Enter the passkey name you configured in your password manager.
- Click Start. Your password manager will be called and a pop-up might appear in your browser.
- Follow your password manager's instructions to confirm and finish setting up the passkey. If the process was successful, you will see a pop-up affirming that the passkey was added.
- Click Close.
You see a list of your passkeys.
How to delete a passkey
- Go to your Account Security page.
- Click the delete icon next to the passkey you want to delete, in the Multifactor authentication section. A pop-up displays.
- Type DELETE in the box to confirm, then click Delete passkey.
The passkey is now deleted from your account.