Backblaze Accounts & Two Factor Verification
Backblaze supports two-factor verification via SMS (Short Message Service aka text message) to a single phone number registered to the account or via the TOTP (Time-based One Time Password) app of your choice, such as Authy or Google Authenticator.
As fallback options, ten one time use codes can be generated and saved securely, such as in a password manager, safe, or your preferred secure document storage system. For accounts using a TOTP app, SMS is supported as an optional fallback as well.
Note: Accounts using SSO (Single Sign-On) will not have 2FV options available.
To enable Two Factor Verification for the first time, follow these steps:
1. Sign in to the Backblaze website with your current account email address and password.
2. Once signed in, select "My Settings" from the left side navigation links.
3. Select the "Sign In Settings" link on the right side of the My Settings page.
4. After clicking on "Sign In Settings" You'll be prompted to enter in your password and phone number, please enter in the information and click on Send Code, and once you've received the code enter it in and click on Verify
5. Next, you will be presented with the warning below. If you are not ready to sign out and back into the account immediately following this process, wait to continue until later.
6. On the following pane, change the Two Factor Authentication option to "On" and all of the options to enable and configure fallback 2FV options will be available, as shown below.
7. If you choose SMS and leave the Generate Backup Codes option checked and click Update, it will show you a list of 10 backup codes you can use to regain access to your account in the future, should the primary 2FV method be inaccessible. Save or print these codes and keep them in a safe place. Once done, you will be logged out of your account automatically.
Note: SMS will only be available if a phone number has already been registered to the account via the My Settings page.
8. If you choose Authentication Application, open your preferred Authentication Application and scan the QR code shown for your account. Enter the verification code presented in the app and click Verify. It will tell you below that field if it was successful. You also have the option to Allow fallback to SMS, which is enabled by default. This will allow you to have a verification code sent to your verified phone number if you lose your Authentication Application. You can then click Update to save the settings. If you left the Generate Backup Codes option checked, it will show you a list of 10 backup codes you can use to regain access to your account in the future if you lose access to your phone number. Save or print these codes and keep them in a safe place. Once done, you will be logged out of your account automatically.
9. When you log back in, you will see the below screen after you enter your password if you chose SMS. You can click the switch from Off to On to have your current browser trusted, so you won't be asked again for the SMS verification code in that browser. You will still be asked for the code in other browsers or on other devices. You have the option to select Resend Code if you have trouble receiving the SMS code, or click Use Backup Code to enter one of the 10 backup codes you saved previously.
10. If you chose Authentication Application, you will see this screen instead. You can click the switch from Off to On to have your current browser trusted, so you won't be asked again for the Authentication Application verification code in that browser. You will still be asked for the code in other browsers or on other devices. You have the option to select Send SMS Fallback Code to your verified phone number if you have lost access to your Authentication Application, or you can select Use Backup Code to enter one of the 10 backup codes you saved previously.