# 13. Login Secure device access is critical when working with personally identifiable information. Users verify their identity by entering their credentials (username and password). This ensures that only authorised users can access the app and the data it contains. Two Factor Authentication (2FA) adds an additional layer of security by requiring users to provide a second form of authentication. This is a verification code sent to their mobile device or email depending on the system configuration, in addition to their login credentials. This helps prevent unauthorised access even if a user's login credentials are compromised. ### **Configuration options** * Set Two Factor Authentication (2FA) communication method (SMS or email) * Set Two Factor Authentication (2FA) request time period (default 2 weeks) ### **Pre condition** User has an account ### **Triggers** User enters their username and password ### **Standard flow** 1. Navigate to OpenCRVS instance address eg. [www.farajaland-opencrvs.org](http://www.farajaland-opencrvs.org) 2. Enters username 3. Enter password 4. Click ‘Login’ 5. If Two Factor Authentication (2FA) required (…) 1. User checks their email for 2FA code 2. User checks their phone for 2FA code 6. User enters 2FA code 7. User click ‘Verify’ 8. User shown loading screen 9. User successfully logged ### **Post conditions** * User is logged into their account * User audit updated to show user logged in (time, ip address and device, ### **Variations/Exceptions** * Error if username and password combination not recognised * Error if 2FA code is not valid --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://documentation.opencrvs.org/v1.4/product-specifications/support-functions/10.-login.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.