This article addresses some common issues and questions you may encounter when setting up your two-factor authentication (2FA) for your Brandwatch account.

General 2FA/MFA questions

What is two-factor authentication (2FA/MFA) and why is it required in Brandwatch?  

Two-factor authentication (2FA), also known as multi-factor authentication (MFA), adds an extra layer of security to your Brandwatch account. In addition to your password, you’ll need to enter a code from an authenticator app on your phone. This helps protect your account even if your password is compromised. 

Is 2FA mandatory for all users? Can I opt out or request an exemption? 

2FA is required for all Brandwatch users to ensure the highest level of account security. In some cases, organizations using Single Sign-On (SSO) may be exempt. If you believe you have a valid reason for an exemption, please contact your account administrator or our Support team.

Can 2FA be disabled for my account or for shared/team accounts?  

2FA is required for all individual accounts. We highly discourage the use of shared or team accounts because they are insecure and can also cause issues with your organization’s channel connections long term. We recommend that organizations create each user their own Brandwatch account. The user will then set up their account’s 2FA using their own mobile device.

Can I use Single Sign-On (SSO) instead of 2FA? How do I request SSO for my organization?  

Yes, we support SSO for organizations. If your company uses SSO, you may not need to use 2FA. We do not enforce 2FA after an SSO login, as we assume authentication security is managed by your SSO provider. To request SSO setup, please contact your IT administrator or reach out to Brandwatch Support with your organization’s details.  

Setting up 2FA

How do I set up two-factor authentication for my Brandwatch account?  

When you log in, you’ll be prompted to set up 2FA. You’ll need to scan a QR code with an authenticator app (such as Google Authenticator or Microsoft Authenticator) on your phone. Enter the code generated by the app to complete setup. Visit our article on Setting Up 2FA for detailed instructions.

Which authenticator apps are supported?  

Brandwatch supports any Time-based One-Time Password (TOTP) authenticator app, including Google Authenticator, Microsoft Authenticator, Authy, Duo Mobile, FreeOTP, Bitwarden, and Okta Verify.

I can’t see the QR code in Brandwatch to set up my authenticator app. What should I do?  

Try refreshing the page or using a different browser. If the problem persists, clear your browser cache or disable browser extensions. If you still can’t see the QR code after trying those options, contact Brandwatch Support.  

I didn’t receive the 2FA setup email. What should I check?  

Check your spam or junk folder. Make sure your email address is correct and that your inbox isn’t full. If you still haven’t received the email, contact your IT team or Brandwatch Support.

My authentication session got interrupted or invalidated.  

If your authentication session got interrupted or invalidated, you will need to begin the 2FA setup process from the beginning. The codes provided only last a certain amount of time, so please try to complete the authentication process quickly in one sitting. Make sure to refresh the QR code screen Brandwatch is providing, scan the code as a new key in your authenticator app, then provide the new numerical code your authenticator app provides to Brandwatch.  

Logging in with 2FA

How do I log in with 2FA?  

After entering your username and password at login or logging in with social login, you’ll be prompted to enter a code from your authenticator app. After Brandwatch verifies the code, you’ll be redirected to your Brandwatch account. Visit our article on Logging in with 2FA for more information.

I have multiple codes for Brandwatch in my authenticator app. Which one do I use?

If you have multiple codes for Brandwatch in your authenticator app due to repeat 2FA setup attempts, it will be confusing to know which code to use. We recommend deleting any previous codes you generated and starting fresh to generate a new code to ensure it’s the correct one. Check your authenticator app instructions for how to delete codes in your app. For example, in Google Authenticator, you can swipe left on a code and tap the trash can icon to delete it from the app. 

I’m not being prompted for 2FA when I log in. Is something wrong?  

Check if your organization uses SSO. If so, 2FA may not be required. If not, you can check if 2FA is enabled on your account via your Brandwatch account’s profile settings and reset your 2FA there.

Brandwatch is asking me for a 2FA code but I didn't set it up, I didn't receive an activation link, or my 2FA may have been set up by someone else.  

If you are not seeing the 2FA setup screen for your account, or you see the option to enter a 2FA code at login but you haven't set up your own authenticator app, we recommend resetting your Brandwatch account password. If you are sharing a login with multiple team members, each Brandwatch user must have their own account for security purposes, and they will need to setup their individual 2FA using their own mobile device.  

Once you reset your password, you will have the option to reset your 2FA in your account settings.

I’m being asked for 2FA every time I log in. Can this be changed?  

For security, 2FA is designed to be required at each login after entering your username and password. This helps protect your account even if your password is compromised. Some browsers may offer to remember your session, but we recommend entering your 2FA code each time. 

Device and access issues

I lost my phone or deleted my authenticator app. How can I regain access?  

Contact Brandwatch Support. We’ll verify your identity and help you reset your 2FA.  

What if my device’s camera is broken and I can’t use a QR code?  

Below the QR code you are provided to set up two-factor authentication in Brandwatch, you’ll see a long code containing letters and numbers. This code can be typed in to set up 2FA with your authenticator app without having to scan the QR code.

How do I transfer my 2FA to a new phone or device?  

Before switching phones, add your Brandwatch account to your new authenticator app. If you no longer have the QR code or backup, contact Support.  

Will Admins be able to reset or manage 2FA settings for team members if access issues arise?  

If you are a Social Media Management-only user, this functionality isn't currently available, but we are actively exploring options to add this capability.

Can multiple devices be used to generate 2FA codes?  

Currently, we support only a single 2FA setup per user. However, apps like Google Authenticator or password managers like 1Password can allow users to access their 2FA codes across multiple devices through cloud syncing.

Will there be an option to use email-based authentication codes instead of an authenticator app?  

Currently, we only support time-based one-time password (TOTP)-based authentication via authenticator apps. 

Resetting 2FA

How can I reset 2FA?

If you can access your account, you can reset your 2FA at any time within your account’s Profile settings.

What should I do if I’m locked out due to 2FA?  

Contact Brandwatch Support. We’ll verify your identity and help restore your access.

How can I reset my 2FA if I can’t access my authenticator app?  

Contact Brandwatch Support and request a 2FA reset.  

Who do I contact for urgent 2FA reset or access issues?  

Contact Brandwatch Support via support portal/email/phone and mention “2FA reset” in your request. 

Other troubleshooting

My authenticator code isn’t working. What could be wrong?  

Since your authenticator code is a time-based, one-time password (TOTP), your authentication code will be generated every 30 seconds and is based on your device clock. Please ensure that Location Services are enabled on your device and/or your date, time, and time zone is set correctly if automatic, or manually adjusted if needed. 

If you're using an iPhone:  

Please ensure your Location Services are enabled in your iPhone's settings. Set automatically needs to be enabled in your iPhone's General > Date and Time settings. This will ensure the codes generated by Google Authenticator can be used without issue.  

If you're using an Android:  

• Go to the main menu on the Google Authenticator app.  
• Click Settings.  
• Click Time correction for codes.  
• Click Sync now.

I’m not receiving 2FA codes. What should I check?  

Ensure you’re using the correct authenticator app and account. Check your phone’s time settings to ensure codes are syncing correctly.

My codes are always invalid or expired. What can I do?  

Authenticator codes expire quickly, typically after 30 seconds. Make sure you enter the code promptly at setup and login before it refreshes.

I’m having trouble with 2FA after changing my email address. What should I do?  

Ensure your email is updated in your Brandwatch profile. If you can’t log in, contact Support.