# Account Security

To protect your IONOS Cloud account from unauthorized access, each account comes with the following security features:

* [Change Password](#change-password)
* [Set up 2-Factor Authentication](#set-up-2-factor-authentication)
* [Set Support PIN](#set-support-pin)

## Change Password

You can provide the password for your IONOS Cloud account during registration. Use the [<mark style="color:blue;">Password Policy</mark>](https://docs.ionos.com/sections-test/guides/set-up-ionos-cloud/management/identity-access-management/password-policy-management) feature to enforce secure password practices by defining rules for password creation and modification that apply to all users within the contract.

To change the password, follow these steps:

1. In the **DCD**, go to **Menu** > **Your Profile** > **Password & Security**.
2. In the **Change Password** view, enter your **Current Password**, **New Password** and then **Repeat New Password**.
3. Select **Change Password**.

{% hint style="success" %}
**Result:** The password is changed and becomes effective with the next login.
{% endhint %}

!\[Change Password window]\(../images/management/account-management/password.png)

{% hint style="warning" %}
If you forget your password, then you can reset it. For more information, see [<mark style="color:blue;">Resetting Your IONOS Cloud Account Password</mark>](https://www.ionos.com/help/my-account/access-passwords/resetting-your-ionos-account-password/).
{% endhint %}

## Set up 2-Factor Authentication

You can set up 2-Factor Authentication in addition to your login credentials. This authentication method requires an app-generated security code. Once 2-Factor Authentication has been activated, you can only access your account by entering the authentication code you receive from the **Authenticator App**. This method can be extended to hide specific data centers and snapshots from users, even if they belong to an authorized group. This feature is only available in DCD.

{% hint style="info" %}
**Prerequisites:**

* Based on your device, install any **Authenticator App** of your choice.
* The **Authenticator App** must be able to access your camera, and the time on the mobile device needs to be set automatically.
  {% endhint %}

{% tabs %}
{% tab title="Activate for your own account" %}
You can turn on 2-Factor Authentication for your accounts.

{% hint style="info" %}
**Note:** An administrator or a contract owner can enforce 2-Factor Authentication for subuser accounts but cannot enable it for those accounts. Only account users can enable 2-Factor Authentication for their accounts. Once you enable it, the DCD application will prompt you for 2-Factor Authentication during your next login.
{% endhint %}

To activate 2FA for your account, follow these steps:

1. In the **DCD**, go to **Menu** > **Your Profile** > **Password & Security**.
2. In **2-Factor Authentication** section, select the **Enable 2-Factor Authentication** option. The **2-Factor Authentication Setup Assistant** will open.

![Enable 2-Factor Authentication from the Password & Security tab of the Account Settings](https://1737632334-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-MifAzdGvKLDTtvJP8sm%2Fuploads%2Fgit-blob-9713e454e610699921316d6b22f9ff294d992dd0%2Fsettings-2fa.png?alt=media) 3. Proceed through each step by selecting **Next**.

* Install the Authenticator app from the [<mark style="color:blue;">Google Play Store</mark>](https://play.google.com/store/search?q=authentication+app\&c=apps) or from [<mark style="color:blue;">Apple iTunes</mark>](https://www.apple.com/de/search/Authenticator?src=globalnav) based on your device.
* Scan the QR code using the Authenticator app on your smartphone.
* Enter the **Security Token**.
* Select **Done** to exit the **2-Factor Authentication** window.
  {% endtab %}

{% tab title="Activate for another user account" %}
An administrator or a contract owner can enforce 2-Factor Authentication for subuser accounts but cannot enable it for those accounts. Only account users can enable 2-Factor Authentication for their accounts.

To activate 2FA for another user account, follow these steps:

1. In the **DCD**, go to **Menu** > **Management** > **Users & Groups**.
2. Select the required user in the **User Manager** window.
3. In the **Meta Data** tab, select the **Force 2-Factor Auth** option.
4. Select **Save**.

![Enable 2-Factor Authentication for an individual user from the User Manager window](https://1737632334-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-MifAzdGvKLDTtvJP8sm%2Fuploads%2Fgit-blob-767461999758ebe43830c81930902a89f7e86a53%2F2factor-auth.png?alt=media)
{% endtab %}
{% endtabs %}

{% hint style="success" %}
**Result:** The 2-Factor Authentication is enforced to your login workflow and becomes mandatory from your next login if you enable 2-Factor Authentication. You must provide a **verification code** each time you log in to the DCD.
{% endhint %}

## Set Support PIN

To ensure that the support calls are made by authorized users, you are asked for the support PIN to verify the account. You can set your support PIN in the DCD and change it at any time.

To set or change your support PIN, follow these steps:

1. In the **DCD**, go to **Menu** > **Your Profile** > **Password & Security**.
2. In the **Set Support PIN** section, enter your support PIN in the **PIN** field to confirm your identity.
3. Select **Set Support PIN**.

![Set Support PIN window](https://1737632334-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-MifAzdGvKLDTtvJP8sm%2Fuploads%2Fgit-blob-1ac248c02f8f9b17d7f95c9ae4fb980ad839393d%2Fset-support-pin.png?alt=media)

{% hint style="success" %}
**Result:** The support PIN is now saved. You can use it to verify your account with [<mark style="color:blue;">IONOS Cloud Support</mark>](https://docs.ionos.com/cloud/support/).
{% endhint %}