This article addresses some common issues and questions you may encounter when setting up your two-factor authentication (2FA) for your Brandwatch account.

What if the authenticator code I've entered isn't accepted?

Since your authenticator code is a time-based, one-time password (TOTP), your authentication code will be generated every 30 seconds and is based on your device clock. Please ensure that your date, time, and timezone is set correctly on your device if automatic, or manually adjusted if needed.

Which authenticator apps are supported for 2FA?

We support all popular authenticator apps. However, we have confirmed that Google Authenticator, FreeOTP, Bitwarden, and Okta Verify work reliably with our suite.

Can I opt out of mandatory 2FA?

Generally, opting out of 2FA is not an option due to important security considerations. However, please contact your Account Manager (AM) or Customer Success Manager (CSM) if you have operational concerns related to this feature.

Does my organization need to set up 2FA with Brandwatch if we have already have 2FA enabled on our SSO?

No, if you log in using SSO, you do not need to set up 2FA on Brandwatch platforms. We do not enforce 2FA after an SSO login, as we assume authentication security is managed by your SSO provider.

Will Admins be able to reset or manage 2FA settings for team members if access issues arise?

If you are an Social Media Management only user, this functionality isn't currently available, but we are actively exploring options to add this capability.

Will there be an option to use email-based authentication codes instead of an authenticator app?

Currently, we only support time-based one-time password (TOTP)-based authentication via authenticator apps.

Can multiple devices be used to generate 2FA codes?

Currently, we support only a single 2FA setup per user. However, apps like Google Authenticator or password managers like 1Password can allow users to access their 2FA codes across multiple devices through cloud syncing.

What if I’ve lost my device?

If you’ve lost your device, please contact our Support Team via email to have your two-factor authentication reset.

What if my device’s camera is broken and I can’t use a QR code?

Below the QR code you will be provided to set up two-factor authentication in Social Media Management, you will see a long code containing letters and numbers. In your authentication app, this code can be used typed in as an alternative method to establish a connection with Social Media Management.

My authentication session got interrupted or invalidated.

If your authentication session got interrupted or invalidated, you will need to begin the 2FA setup process from the beginning. The codes provided only last a certain amount of time, so please try to complete the the authentication process quickly in one sitting. Make sure to refresh the QR code screen Brandwatch is providing, scan the code as a new key in your authenticator app, then provide the new numerical code your authenticator app provides to Brandwatch.

Brandwatch is asking me for a 2FA code but I didn't set it up, I didn't receive an activation link, or my 2FA may have been set up by someone else.

If you are not seeing the 2FA setup screen for your account, or you see the option to enter a 2FA code at login but you haven't set up your own authenticator app, we recommend resetting your Brandwatch account password. Each Brandwatch user must have their own account for security purposes, and they will need to setup their individual 2FA. Once you reset your password, you will have the option to reset your 2FA in your account settings.