2FA in SIX ERP

Two-Factor Authentication (2FA) in SIX ERP adds an extra layer of protection to your account by requiring something you know (your password) and something you have (a one-time code) before granting access. In SIX ERP this helps protect user accounts, company data, and systems from unauthorized access—even if someone knows your password.

This article explains which 2FA methods are available and what users need to do when 2FA is enabled on their account.

Available 2FA verification types

SIX ERP currently supports these verification types:

Default verification types

These are the standard options; which ones you see depends on how your instance is configured:

Email authentication

You receive a 6-digit passcode by email.

You enter this code on the 2FA screen shown right after your normal login.

Authenticator App (TOTP)

You use Google Authenticator or Microsoft Authenticator (or any compatible TOTP app).

After login, you enter the time-based code shown in your authenticator app.

These two together are considered the default 2FA types in SIX ERP.

Additional verification types (client-specific)

Depending on your contract and setup, a third channel can be enabled:

Messaging App Authentication (optional)

WhatsApp or Viber authentication.

You receive a verification code via the configured messaging app and enter it on the 2FA screen.

Availability of WhatsApp/Viber is client-specific and may require activation by SIX support or your system administrator.

General 2FA login flow

Once 2FA is enabled for your account or instance:

• Enter your username and password as usual.

• If credentials are correct and 2FA is required, SIX ERP shows a Two-Factor Authentication screen.

Depending on your configured 2FA method, you must:

• Enter the 6-digit email code, or

• Enter the code from your Authenticator App, or

• Enter the code received via WhatsApp/Viber.

Using Email Authentication

When your 2FA method is Email authentication, this is what happens after you log in:

1. Login with username and password.

2. You are redirected to the Two-Factor Authentication screen asking for a 6-digit code.

3. SIX ERP sends an email to your registered email address containing this one-time code.

4. Open your email inbox and find the message (check Spam/Junk if you don’t see it).

5. Enter or copy the 6-digit passcode exactly as shown in the email (no spaces).

6. Confirm/submit the code in the interface.

7. If the code is valid, your login completes and you are taken into the system.

Tips & troubleshooting for email codes

No email received?

1. Wait a few seconds and refresh your inbox.

2. Check Spam, Junk, or Promotions folders.

3. Make sure you’re checking the correct email account (the one linked to your SIX ERP user).

4. If you still don’t receive anything, contact your administrator or IT.

Code doesn’t work?

1. Make sure you copied all 6 digits correctly.

2. Avoid extra spaces before or after the code.

3. Request a new login and new code if needed.

Using an Authenticator App (Google/Microsoft)

When you use Google Authenticator or Microsoft Authenticator, SIX ERP relies on time-based one-time passwords (TOTP). These codes:

1. Change automatically every 60 seconds.

2. Are generated on your mobile device.

3. Must be entered quickly before they expire.

This article focuses on using the authenticator once it’s set up. Initial setup & pairing will be covered separately in an admin/setup guide.

Login steps with an Authenticator App

1. Login with username and password to SIX ERP.

2. After login, you see the Two-Factor Authentication screen asking for a code.

3. On your phone, open Google Authenticator or Microsoft Authenticator.

4. Find the entry for your SIX ERP account/tenant.

You’ll see:

1. A 6-digit (or similar) code, and

2. A countdown timer showing how long the code is valid (typically 60 seconds total).

3. Check that there is sufficient time left (ideally more than a few seconds).

4. Type the current code into the SIX ERP 2FA screen.

5. Confirm/submit the code.

If the code is correct and entered before the timer reaches 0, your login completes.

Important behavior & timing

1. Codes rotate every 60 seconds.

2. When the countdown reaches 0, that code is no longer accepted.

3. If the timer runs out before you submit, or you submit after expiry: The verification will fail.

You will need to restart the login with your username and password and try again with a fresh code.

Be quick but accurate:

1. Avoid waiting until the last 2–3 seconds of a code’s life.

2. If the timer is nearly at 0, wait for the next code and then enter it.

Common authenticator issues

Code always invalid:

1. Make sure you’re using the correct account in the app (some users have multiple accounts).

2. Ensure the time on your phone is set automatically (incorrect device time can break TOTP codes).

If the problem persists, contact your administrator to reset your 2FA setup.

Using WhatsApp or Viber Authentication (if enabled)

For some clients, SIX ERP can be configured to send 2FA codes via WhatsApp or Viber instead of email or authenticator apps.

The flow is similar to email 2FA:

1. Login with username and password.

2. The Two-Factor Authentication screen appears.

3. SIX ERP sends a verification code to your configured WhatsApp or Viber number.

4. Open WhatsApp/Viber on your phone.

5. Find the message containing the verification code.

6. Enter the code into the 2FA screen in SIX ERP and submit.

These are the standard options; which ones you see depends on how your instance is configured!

See also:

Security in SIX ERP
Setting up email two-factor authentication
Setting up TOTP two-factor authentication with an Authenticator App
Setting up two-factor authentication with WhatsApp
Troubleshooting two-factor authentication
Best Practices for maintaining secure connections to your ERP