Security

User type: Both Personal and Organization users

The Security tab in the My OPSWAT Portal allows you to manage your account's security settings, including updating your password, setting up Multi-Factor Authentication (MFA), and configuring a PIN for sensitive actions.

To access this feature, go to your username in the top right corner and navigate to My Information > Security.

Password

Keep your account secure by updating your password regularly. As part of our security policy, passwords must be changed every 180 days.

Password Expiration Notifications

You will receive a notification 7 days before expiration in the following locations:

  • Overview page
  • My Information > Security page

Once your password expires, you will be unable to perform any actions until you update it. To change your password, navigate to My Information > Security and follow the prompts.

Multi-Factor Authentication

Enhance your account security by enabling Multi-Factor Authentication (MFA). MFA adds an extra layer of protection by requiring a second verification step, such as a one-time code sent to your email or mobile device.

Set Up MFA

  • Navigate to My Information > Security tab.
  • Under the Multi-Factor Authentication section, click the Setup MFA button.
  • Follow the on-screen instructions to configure MFA using an authentication app (e.g., Google Authenticator, Microsoft Authenticator).
  • Securely store the recovery code provided during the setup process.

When MFA is enabled and set up, user must input correct TOTP when signing in My OPSWAT Portal.

Disable MFA

  • Go to My Information > Security.
  • Under the Multi-Factor Authentication section, follow the instructions to disable MFA.

Organization-Level MFA Settings

If your account belongs to an organization with MFA requirements:

  • You must set up MFA when prompted during sign-in if one of your organizations enables the requirement.
  • If the organization later disables the MFA requirement, you will still have MFA enabled. You can disable it manually from My Information > Security if desired.

Disabling MFA at the organization level does not automatically turn off MFA for individual users.

Warning: Users must store their MFA recovery code securely. Failure to do so may result in being locked out of their account if the authentication app is lost.

PIN Setup

The Security tab also allows users to set up a PIN: Click the Setup PIN button to confirm changes to sensitive functions. This adds an additional layer of security in-product.

Type to search, ESC to discard
Type to search, ESC to discard
Type to search, ESC to discard
Next to read:
Organizations
On This Page
SecurityPasswordPassword Expiration NotificationsMulti-Factor AuthenticationSet Up MFADisable MFAOrganization-Level MFA SettingsPIN Setup