Troubleshooting 2FA
Two-Factor Authentication (2FA) can be a crucial part of your organization's security requirements, and not being able to connect due to problems with your configuration can be frustrating. Here are things to look for when user accounts using 2FA are not able to connect.
This page covers failures that can occur after 2FA has been configured and is in use - situations where a user follows the correct steps and still cannot authenticate.
Problems Using SMS Authentication
SMS authentication messages are sent almost immediately after a login attempt. If no message arrives within a few minutes, try reconnecting. Restarting the device sometimes resolves temporary network or connectivity issues.
Each code is valid for 10 minutes and works only once. After a code is used or expires, it becomes invalid. On the next login attempt, Files.com automatically sends a new code by SMS.
Confirm the device has a strong signal, reliable network connectivity, and is not in "Do Not Disturb" mode.
Files.com uses Twilio to send SMS messages. Check Twilio's status page to see whether service issues are affecting the recipient's region.
SMS delivery is handled by third-party telecommunications providers. Files.com initiates the message through Twilio and does not control delivery beyond Twilio's network.
Files.com cannot troubleshoot carrier-specific issues such as blocked messages, delivery delays, or filtering applied by mobile carriers that prevents SMS messages from reaching the device. If these issues continue, switch to an authenticator app or another supported two-factor authentication (2FA) method.
Problems With 2FA and FTP/SFTP/WebDAV
Existing FTP/SFTP/DAV users cannot authenticate after 2FA is enabled until they log into the web app to set up their 2FA method, regardless of whether the mandate is site-wide or at the user level. This applies even if the admin has configured those users to bypass two-factor authentication for FTP/SFTP/WebDAV connections.
Missing Emails
When a user has configured an Email 2FA Method but is not receiving the emails, several tools help track down the issue. Use the Outbound Emails Log to determine when the email was sent.
Have the recipient check their spam folder to verify that the email titled "Verification Code" was not automatically hidden from their inbox.
Some email apps on smartphones and tablets don’t refresh automatically. You may need to refresh or restart the app to receive new emails.
Confirm that the user account's email address is correct, valid, and free of typos.
If the email was sent but did not arrive, the recipient's mail servers may be blocking or rejecting emails from Files.com. Within an organization's network, intermediate servers such as email gateways, forwarders, mail transfer agents, and security systems can modify email content or headers for tagging or classification during transit. Those changes to the subject line, headers, or body can break DKIM signature validity or DMARC/SPF validation, which then causes the receiving mail servers to reject Files.com emails. Review the settings of the organization's intermediate servers to resolve email authentication problems.
Rate Limiting
When the wrong 2FA code is provided too many times in a row, further authentication attempts are rate-limited. An error message indicates that too many authentication attempts have been made.
Wait before attempting to reconnect. Resetting the 2FA method does not shorten the waiting period.
Waiting Period When Removing 2FA Mandate
If users cannot remove their 2FA method after a site-wide mandate is lifted, a 7-day waiting period is in effect. See Removing a 2FA Requirement for details.
Get The File Orchestration Platform Today
4,000+ organizations trust Files.com for mission-critical file operations. Start your free trial now and build your first flow in 60 seconds.
No credit card required • 7-day free trial • Setup in minutes