NetSuite: Changing Two-Factor Authentication Method or Device

NetSuite, like all other web-based applications used by HPG, requires Two-Factor/Multi-Factor Authentication (2FA/MFA). 2FA/MFA helps verify that a user is who they claim to be by utilizing form of authentication that is unique to the user.

This guide will show you how to set up and add a new 2FA method to your NetSuite account.

Requirements

Smart Phone
Microsoft Authenticator or another Authentication App supporting OTP

note: If hardware token is desired, do not follow this guide. Hardware tokens must first be requested, and assistance will be needed to set up the token properly. Use this form to request a Hardware Token: MFA Hardware Token Procurement : HPG Brands

Guide

Login to NetSuite
Click Reset 2FA Settings found under the Settings portlet on your home dashboard
On the Reset 2FA Settings page, enter your NetSuite password. You might also need to enter a verification code or backup code.
Click Reset.
When you click Reset, you remove your existing 2FA setup information. A confirmation screen states that your registered 2FA devices were successfully reset. You also receive an email notification from NetSuite that your registered 2FA devices have been reset, and can no longer be used to access your NetSuite account.
Log out of NetSuite and Log back in
You should now be required to setup a new 2FA method
Using the authenticator app on your phone:
1. Scan the QR code displayed, or manually enter the string of characters shown next to the QR code.
  
  The authenticator app generates a verification code.
2. Enter the verification code.
  
  Verification codes generated by authenticator apps expire approximately every 30 seconds. Enter a new code if the initial code you receive expires.
  
  Important: If you have entered several codes in a row that have been refused, do not keep trying codes from your app. After five failed attempts, you will lock yourself out of NetSuite. If the time on your phone or app is not properly synchronized, NetSuite will not accept the verification codes generated by your app. See Troubleshoot Authenticator Apps for potential solutions.
  Click Next.
3. Click Next
Ten backup codes are displayed in the UI.

These unique backup codes can be used to log in to a 2FA role when you are unable to receive a verification code. Each backup code can be used only a single time.

Important: Treat backup codes as securely as you would treat a password. This is the only time these unique ten codes are displayed in the UI. You cannot retrieve these from the system after you close this window. If you lose these backup codes, you can generate new ones.
Click Next

Your 2FA method has now been set up. Remember to treat the 2FA codes both in the app and from the backup codes list as sensitive information and never share them with anybody else. For additional information regarding this process, please see NetSuite's user docs here: NetSuite Applications Suite - Set up Your Preferences for Two-Factor Authentication (2FA) (oracle.com)