In December 2025, we upgraded our Account System login process to include multi-factor authentication (MFA) to better protect your account and personal information. The upgrade only impacts how you sign in—everything else about using the Accounts and Publishing Systems is the same.
Create your user account
When creating your user account, you will be prompted to set up multi-factor authentication.
You must use one of the approved authenticator apps: Google Authenticator or FreeOTP. Microsoft Authenticator and Duo Mobile are not supported.
You will be asked to verify your email to activate your account. After email verification, follow the instructions on the Mobile Authenticator Setup page.
Default login method
The default log in method requires an approved authenticator app (Google Authenticator or FreeOTP), which will generate a one-time password (OTP) that you will enter to authenticate your account. The OTP is a 6-digit code that expires every 30 seconds.
You may select from one of the following login options:
- Authenticator OTP + email (username) + password
- Authenticator OTP + email (username) + code sent to your email (email OTP)
- Authenticator OTP + your Google account login
Alternative login method using a passkey
After you have created and verified your user account, you can set up a passkey for a faster, more secure sign-in experience that uses your device’s built-in security methods, such as Face ID, Touch ID, Windows Hello, or a device PIN.
When you use a passkey, an authenticator app is not required for login.
To set up a passkey, follow the instructions displayed in the message window at the top of the Account System Dashboard.
Your account must first be created and verified for multi-factor authentication before passkey can be enabled.
Frequently Asked Questions
MFA adds an essential extra layer of security by requiring multiple methods of account verification, such as an authenticator app, a password, or a code sent to your email. This makes it significantly harder for unauthorized users to access your account, even if your password is compromised.
Authenticator apps are a commonly used form of account verification that generate a verification passcode, like the one you get by text message or email. These apps provide enhanced security by generating time-limited, one-times codes that expire every 30 seconds and are only stored on the user’s physical device. This makes it much less susceptible to hacking or other forms of cyberattack. It is considered safe and standard practice to use personal phones for authentication apps.
Credential Engine uses the SHA-256 algorithm to generate one-time password (OTP) codes. Microsoft Authenticator and Duo Mobile do not support SHA-256 at this time.
We recommend setting up a passkey for a faster, authenticator-free log-in experience. Passkeys use the built-in security methods on a work device as part of the authentication process.
If you’re having trouble signing in with your authenticator code, try the steps below.
- Confirm you’re using an approved authenticator app. Only Google Authenticator and FreeOTP are supported. Microsoft Authenticator and Duo Mobile are not supported.
- If you use your authenticator app for other applications, make sure you enter the code specifically for Credential Engine.
- Reset and reconfigure your authenticator setup. If you are using an approved app, the one-time password (OTP) may not have been fully configured. To fix this:
- Delete the existing entry from your authenticator app. (Usually, you can swipe left on the code to delete it.)
- Log in again and follow the instructions on the Mobile Authenticator Setup screen.
- Scan the QR code using your authenticator app.
- Enter the one-time password (OTP) generated by the app.
Once setup is complete, you should be able to log in successfully. If you are still experiencing issues, please contact accounts@credentialengine.org.
Contact
Please contact accounts@credentialengine.org if you experience issues creating or logging into your user account.