Two-Factor Authentication (2FA) greatly improves security, but it also means that if the second step fails, you can’t log in—even if your username and password are correct.
This article explains the most common causes of 2FA problems, what you can try yourself, and when you must contact a system administrator to recover your account.
⚠️ Important:
In most cases of 2FA failure or lockout, you will need to contact your system administrator. Users cannot bypass or disable 2FA on their own once they’re locked out.
You may encounter one or more of these issues:
You never receive a 2FA code (email, WhatsApp, Viber, etc.).
The code you enter is always “invalid”.
The screen says your session expired and you must log in again.
You lost your phone or no longer have access to:
Your email, or
Your WhatsApp / Viber number, or
Your Authenticator App.
These are usually caused by a few recurring issues.
Typical reasons:
Wrong or outdated email address or phone number stored on your user account.
Messages are being:
Filtered to Spam / Junk / Promotions (for email), or
Not delivered due to network/provider issues.
Your mailbox is full, disabled, or your email account was deactivated.
Your phone is:
Offline (no data/Wi-Fi),
Using WhatsApp/Viber on a different number, or
Not properly linked to WhatsApp/Viber Desktop.
What you can try:
Check your Spam/Junk mail folders.
Make sure your phone has internet access and WhatsApp/Viber is working.
Confirm you are checking the correct email account or phone number.
If nothing arrives after multiple attempts, contact your administrator.
They may need to correct your email/phone number or temporarily change your 2FA method.
This can happen with Email, WhatsApp/Viber, or Authenticator App codes.
Typical reasons:
Typing mistakes (missing digits, extra spaces, swapped numbers).
Using an older code instead of the most recent one.
For authenticator apps (TOTP):
The code has expired (timer reached 0).
The wrong account is selected in the app (if you have multiple).
Your phone’s time/date is incorrect, which breaks TOTP codes.
What you can try:
Carefully retype the code (all 6 digits, no spaces).
Always use the latest code you received.
For authenticator apps:
Ensure you’re using the correct SIX ERP account entry.
Set your phone time to automatic network time and try again.
If the app shows only a few seconds left (e.g. 3–5 seconds), wait for the next code and use that one.
If codes are still “invalid” every time, you may need your 2FA setup reset by an administrator.
With 2FA in SIX ERP there are two time limits:
The code’s lifetime (usually 60 seconds for authenticator apps).
The SIX ERP session timer on the 2FA screen (how long the system waits for a code).
Problems occur when:
You wait too long and the code expires in your authenticator app.
The SIX ERP 2FA page times out, forcing a new login.
Typical scenario with authenticator apps:
The app timer shows just a few seconds left, you enter the code, and by the time you submit, it’s already expired.
SIX ERP rejects it and may reset the flow.
What you can do:
If the app timer is low (e.g. 5 seconds left), wait for the next full code and enter that one.
Try to enter the code promptly after it appears.
If the SIX ERP 2FA screen says the session expired, start over:
Log in again with username and password.
Use a fresh code immediately.
This is the most serious and common cause of hard lockouts:
You lose your phone or it is broken.
Your SIM card/phone number is changed or deactivated.
Your company email account is disabled, changed, or you no longer have access.
You uninstalled the authenticator app and didn’t back up your accounts.
In all these cases you cannot receive or generate codes at all.
❗ In these situations, you cannot recover access by yourself.
You will need help from a system administrator.
An administrator can:
Temporarily disable 2FA on your account, or
Switch you to a different 2FA method (e.g. from Authenticator App to Email), or
Re-register your 2FA setup on a new device.
Sometimes problems arise simply because the “wrong” method is enabled or expected:
You think you are using Email 2FA, but your account is configured with Authenticator App.
WhatsApp/Viber was enabled but your number is incorrect, or you don’t use that channel.
An administrator changed your 2FA method for policy reasons.
What you can do:
Check MFA Management (if you can still log in) to see which methods are active.
If you’re already locked out, explain to your administrator:
Which method you prefer (Email, Authenticator App, WhatsApp/Viber), and
Which devices/accounts you actually have access to.
The administrator can then adjust your method accordingly.
You should stop retrying and contact an administrator when:
You cannot receive any code (email, WhatsApp/Viber, push, etc.).
Codes are always invalid despite careful entry and correct timing.
You lost access to your email, phone number, or authenticator app/device.
You suspect your user profile data (email/phone) is wrong and you can’t correct it yourself.
You’re seeing a lockout message or repeated session expiries after several attempts.
When contacting your administrator, it helps to provide:
Your username.
Which 2FA method you think is enabled (Email, Authenticator App, WhatsApp/Viber).
A brief description of the problem (e.g. “no email arrives”, “authenticator codes always invalid”, “lost phone”, etc.).
Any relevant screenshots (error messages) if allowed.
Remember: Administrators are the only ones who can override, reset, or disable 2FA for security reasons.
To minimize 2FA issues:
Keep your email address and phone number up to date in your profile (when self-edit is allowed).
Ensure your phone time is set automatically (important for authenticator apps).
If you change phones:
Migrate or re-register your Authenticator App before wiping the old device.
Do not rely on a single point of failure:
If possible, have at least one backup 2FA method (e.g. Authenticator + Email).
Immediately inform your administrator if:
You lose your phone/SIM,
Your email changes,
Or you notice suspicious login attempts.
Two-Factor Authentication in SIX ERP
Security in SIX ERP
Setting up email two-factor authentication
Setting up TOTP two-factor authentication with an Authenticator App
Setting up two-factor authentication with WhatsApp
Best Practices for maintaining secure connections to your ERP