Two-factor authentication (2FA)

Step 1: Download an authenticator app.

• Google Authenticator: iPhone, Android
• Twilio Authy: iPhone, Android
• Okta: iPhone, Android
• Duo Mobile: iPhone, Android

Step 2: After downloading your app of choice, ensure that your device's date and time settings are configured to Automatic mode. Authenticator apps generate 2FA codes using the current time on your device, so if the time is set incorrectly, the wrong code will be generated. Step 3: Click your company name at the top right of your dashboard and go to Personal settings. Step 4: Under Personal, find Two-factor authentication and click Change method. Step 5: Choose Authenticator app and click Continue. Step 6: Open your authenticator app and use it to scan the QR code, then click Continue. Note: If you can’t scan the QR code, choose manual entry on your app, and enter the code shown on the screen. Step 7: Enter the six-digit code from your authenticator app and click Continue (the code typically expires after 30 seconds). Step 8: Copy or download the recovery codes and save them in a secure place, then click Continue. Once 2FA is enabled, it cannot be disabled. If you ever lose your phone, you can use your recovery codes to sign in to Brex. Each recovery code can be used once. If you do not have access to your recovery codes, you can contact your admin to receive a one-time recovery code via email.

We strongly recommend using an authenticator app, as this provides greater security and does not require a working cell network to use. However, if you prefer to use SMS messaging, please follow these instructions. Step 1: Click your company name at the top right of your dashboard and go to Settings. Step 2: Under Personal, find Two-factor authentication and click Change method. Step 3: Choose Text Message and click Continue. Step 4: Enter the phone number you want your code sent to and click Continue. This phone number will replace any existing phone number on your account and will be used for customer communications and fraud prevention moving forward. Step 5: Enter the six-digit code sent to your phone number and click Continue (the SMS code will typically expire after three minutes). Note: Once 2FA is enabled, it cannot be disabled. If you don’t receive your SMS code, your admin can generate a one-time recovery code via email.

Note: If you’ve elected to receive SMS codes to complete 2FA, this option won’t be available. Instead, please contact your admin to receive a one-time 2FA recovery code by email to access your account and follow the instructions in the email to reset your 2FA. Step 1: Sign in with your email and password. Step 2: When asked to enter a 6-digit code, click Reset your two-factor authentication below Enter code. Step 3: We’ll send a 6-digit SMS code to the phone number associated with your Brex account. Enter the code on this page and click Sign in. Step 4: In the authenticator app of your choice, remove your Brex account. Step 5: In your dashboard, go to Personal settings > Two-factor authentication. Step 6: Click Setup, make sure you have Authentication app selected, and click Continue. Step 7: In your authenticator app, click the + sign or Add and scan the QR code from your Brex dashboard. Once the code scans, click Continue. Note: If you have problems scanning the code, choose Enter manually and input the code shown on screen, instead. Step 8: Enter the six-digit code from your authenticator app and click Continue. The code will expire in 30 seconds. Step 9: Copy or download the new recovery codes and make sure you’ve stored them in a secure place. When you’re done, click Continue. Note: After enabling 2FA, it cannot be disabled. If you don’t have access to your phone, you can use each recovery code one time to access your Brex account. Step 10: Sign into your Brex app using the six-digit code from your authenticator app, to make sure that it’s working.

If a member of your team is unable to access their account as their phone number has changed, admins have the ability to send a 2FA recovery code by email. To do so, please follow the steps below: Step 1: In your Brex dashboard, go to Teams. Step 2: Click on the user who needs to have their 2FA reset. Step 3: Click User actions > Send 2FA recovery code > Send code. This will send an email to the address your employee has on file that includes the recovery code and instructions to reset their 2FA settings. This code will only be valid for 2 hours. To complete the 2FA reset and to ensure that their 2FA is reset moving forward, the user will need to follow the setup steps listed above.