BoldDesk 2FA Reset & Recovery Codes: Complete Admin Guide

This article explains how BoldDesk administrators and agents can help customers regain access when they lose their Two‑Factor Authentication (2FA) method. It covers sending a recovery code, guiding the customer to re-enable 2FA, and validating Customer Portal security settings in the Admin Center.

What you can do in BoldDesk

• Send a recovery code to a customer directly from the Contacts record.
• Guide the customer to log in with the code and reset or re‑enable 2FA in their Customer Portal profile.
• Verify prerequisites in Admin → HelpDesk → Settings → Customer Portal → Security so recovery is available.
• Audit actions and diagnose delivery issues under Admin → General → Audit Logs.

Send a Recovery Code (Agent/Admin workflow)

Perform these steps in the HelpDesk workspace:

• Open Contacts.

• Search and open the Contact (customer) record.

• Select the More (⋮) menu in the top‑right.

• Click Send Recovery Code.

• Ask the customer to check their email and use the code to sign in to the Customer Portal.

  
  
  

Customer steps: Log in and reset 2FA

After receiving the recovery code, the customer:

• Opens the Customer Portal sign‑in page.

• Enters their email and Recovery Code.

• After login, goes to Profile → Security.

• Selects Enable 2FA or Reset 2FA and completes the setup.

• Saves changes and stores new backup/recovery codes securely.

  
  
  

Role & permission requirements (optional but recommended)

To allow agents to execute recovery actions:

• Navigate to Admin → Users & Permissions → Roles and Permissions.

• Open the relevant Role.

• Ensure the role has privileges to view/update Contacts and perform Customer Portal security actions (manage setting under admin).

• Assign the role to the intended Agents.
  

  
  
  
  

Monitor and troubleshoot with Audit Logs

Use Admin → General → Audit Logs to verify and diagnose the recovery flow:

• Activity Logs – Confirm which agent sent a recovery code and when.
• Access Logs – Validate customer sign‑in attempts using the recovery code.
• Email Failure Logs – Troubleshoot recovery email delivery issues.

FAQs

1) Can I revoke a recovery code after sending it?
Recovery codes are single‑use and time‑bound. If you need to invalidate access, send a new code; the latest code supersedes earlier ones. You can also enforce sign‑out via security policies.

2) Do customers always need to reset 2FA after using the code?
Yes. The recovery code only facilitates login. Customers should go to Profile → Security and Enable/Reset 2FA immediately.

3) Why didn’t the customer receive the email with the recovery code?
Check Admin → General → Audit Logs → Email Failure Logs and confirm the contact’s email address. Re‑send the code if needed.

4) Can I limit which agents can send recovery codes?
Yes. Configure access in Admin → Users & Permissions → Roles and Permissions so only authorized roles can perform recovery actions.

5) Will SLAs or automations be affected by recovery actions?
Recovery is separate from ticket SLAs. However, any Email Notifications or Workflows you design may log activity. Review Audit Logs for confirmation.

Related articles

• Secure Your Account with Two-Factor Authentication in BoldDesk