From b5170b6b820a6bc5448da007a3d48654714a7b32 Mon Sep 17 00:00:00 2001
From: ldecarvalho-doc <82805470+ldecarvalho-doc@users.noreply.github.com>
Date: Wed, 1 Oct 2025 15:29:18 +0200
Subject: [PATCH 1/4] feat(acc): webauth
---
pages/account/concepts.mdx | 12 +-
.../how-to/change-ownership-organization.mdx | 2 +-
.../account/how-to/log-in-to-the-console.mdx | 31 ++++--
pages/account/how-to/use-2fa.mdx | 105 +++++++++++-------
.../protecting-yourself-fraud-phishing.mdx | 2 +-
.../cannot-log-into-my-account.mdx | 36 +++---
pages/dedibox-account/concepts.mdx | 2 +-
.../enforce-security-requirements-members.mdx | 2 +-
8 files changed, 120 insertions(+), 72 deletions(-)
diff --git a/pages/account/concepts.mdx b/pages/account/concepts.mdx
index f0d3da597e..9506bdee04 100644
--- a/pages/account/concepts.mdx
+++ b/pages/account/concepts.mdx
@@ -38,14 +38,22 @@ A **M**edia **A**ccess **C**ontrol Address is a unique ID assigned to network in
## Multifactor Authentication (MFA)
-Multifactor authentication (MFA) is any form of verification that requires two factors to authenticate to a device you wish to connect to. Scaleway supports MFA for Cloud accounts in the form of a security code that you use in addition to your [password](#password) when you log in. You can receive the code via SMS or an authenticator app on your smartphone. Enabling MFA adds an additional layer of security against unauthorized access to your account.
+Multifactor authentication provides extra layers of security. In addition to your password (the first factor), other factors (such as TOTP and passkeys) are required to access your account.
-Refer to the [How to use MFA](/account/how-to/use-2fa) documentation page for more information.
+You can enable Multifactor Authentication (MFA) on your Scaleway account for heightened security. Even in the event of a leaked password, your account is protected.
+
+Two MFA methods are available:
+ - **One-time password (TOTP)** - method through which you access your account using a unique, time-based validation code generated by an app.
+ - **Passkey** - secure authentication method that eliminates the need to create, manage, or remember passwords.
## Password
A password is a string of characters associated with your account's email address that allows you to access the [Scaleway console](https://console.scaleway.com/). It is personal and must not be shared with anyone. Alternatively, you can use an [authentication code](#authentication-code) to authenticate yourself.
+## Password Manager
+
+A password manager is a secure tool that stores and manages your login credentials—like usernames, passwords, and passkeys—in an encrypted vault. You only need to remember one master password to access the vault, and the manager can automatically fill in your login details for websites and apps.
+
## Single Sign-on (SSO)
Single Sign-On (SSO) allows you to use your Google, Microsoft, or Github account to log in to the console. To do so, make sure the email address associated with your Scaleway account matches the email address of your Google, Microsoft, or Github account.
diff --git a/pages/account/how-to/change-ownership-organization.mdx b/pages/account/how-to/change-ownership-organization.mdx
index 5da0bf0186..1e2b46e3e0 100644
--- a/pages/account/how-to/change-ownership-organization.mdx
+++ b/pages/account/how-to/change-ownership-organization.mdx
@@ -42,7 +42,7 @@ The process of changing the Owner of an Organization varies, depending on whethe
The Owner account is now registered under the newly entered email address.
### Ownership transition
-Ensure you communicate the current password to the new Owner and [disable MFA](/account/how-to/use-2fa/#how-to-disable-mfa), if enabled. This lets them easily access the Owner account, and they can re-enable multifactor authentication on their personal device later on.
+Ensure you communicate the current password to the new Owner and [disable MFA](/account/how-to/use-2fa/), if enabled. This lets them easily access the Owner account, and they can re-enable multifactor authentication on their personal device later on.
If the old Owner must still have access to the Organization, you can [create a Member account](/iam/how-to/manage-members/#how-to-create-a-member) using their email address.
Then, using permission sets, you can grant them rights to view, edit, and manage resources within the Organization. [Learn more about permission sets](/iam/reference-content/permission-sets/#scoped-by-project)
diff --git a/pages/account/how-to/log-in-to-the-console.mdx b/pages/account/how-to/log-in-to-the-console.mdx
index 5a9e294e57..9cff3371b1 100644
--- a/pages/account/how-to/log-in-to-the-console.mdx
+++ b/pages/account/how-to/log-in-to-the-console.mdx
@@ -109,12 +109,27 @@ If you were added to a Scaleway Organization as an [IAM Member](/iam/concepts#me
If [Multifactor Authentication (MFA)](/account/how-to/use-2fa) is enabled on your account, MFA authentication will be an additional step for all methods of log in described on this page.
-If the login information provided in any of the previous methods is valid, you will be redirected the Multifactor Authentication screen.
-
-1. Enter a valid two-factor token or backup key.
-
- This is the token provided in your MFA app.
-
-2. Click **Log in**.
+You can authenticate using either a:
+ - **One-time password (TOTP)** - method through which you access your account using a unique, time-based validation code generated by an app, or
+ - **Passkey** - secure authentication method that eliminates the need to create, manage, or remember passwords.
+
+If the login information provided in any of the previous methods is valid, you will be redirected the Multifactor Authentication screen. If both MFA methods are enabled in your account, you will see the **passkey** screen by default.
+
+
+
+ 1. Click **Use passkey**. Your password manager pops-up.
+ 2. Follow the steps in your password manager.
+
+ If the passkey is valid, you are redirected to the Organization dashboard.
+
+
+ 1. Click **Switch to authenticator app**.
+ 2. Enter a valid TOTP token or backup key.
+
+ This is the token provided in your TOTP app.
+
+ 2. Click **Log in**.
-If the code is correct, you are redirected to the Organization dashboard.
\ No newline at end of file
+ If the code is correct, you are redirected to the Organization dashboard.
+
+
diff --git a/pages/account/how-to/use-2fa.mdx b/pages/account/how-to/use-2fa.mdx
index a6d3972592..7a6f19aaf3 100644
--- a/pages/account/how-to/use-2fa.mdx
+++ b/pages/account/how-to/use-2fa.mdx
@@ -3,98 +3,117 @@ title: How to use Multifactor Authentication (MFA)
description: Enable and use Two-Factor Authentication (2FA) in Scaleway.
tags: authentication 2FA two-factor two multifactor security google authenticator authenticator
dates:
- validation: 2025-09-03
+ validation: 2025-10-01
posted: 2022-01-14
---
import Requirements from '@macros/iam/requirements.mdx'
+Multifactor authentication provides extra layers of security. In addition to your password (the first factor), other factors (such as TOTP and passkeys) are required to access your account.
-You can enable multifactor authentication on your Scaleway account for heightened security. Once enabled, an additional security code generated by your phone is required to access your account.
+You can enable Multifactor Authentication (MFA) on your Scaleway account for heightened security. Even in the event of a leaked password, your account is protected.
-Multifactor authentication provides extra layers of security. In addition to your password (the first factor), other factors (such as an MFA app) are required to access your account. Even in the event of a leaked password, your account is protected.
+Two MFA methods are available:
+ - **One-time password (TOTP)** - method through which you access your account using a unique, time-based validation code generated by an app.
+ - **Passkey** - secure authentication method that eliminates the need to create, manage, or remember passwords.
+
+
+ If you are an account Owner, you can set up the two different MFA methods at the same time. We recommend you have at least one of the two MFA methods set up at a time, to keep your account safe.
+
- A Scaleway account logged into the [console](https://console.scaleway.com)
-## How to download an MFA app
+## How to enable TOTP
-To use [multifactor authentication](/account/concepts/#multifactor-authentication-mfa) on your account, you first need to download an MFA app onto your smartphone. Once configured, MFA apps display a constantly rotating set of codes to use with your different accounts when you are prompted for one during login. Popular MFA apps include:
+To use TOTP on your account, you first need to download a TOTP app onto your smartphone. Once configured, TOTP apps display a constantly rotating set of codes to use with your different accounts when you are prompted for one during login. Popular TOTP apps include:
- [Authy](https://authy.com/download/)
- [FreeOTP](https://freeotp.github.io/)
- [Google Authenticator](https://play.google.com/store/apps/details?id=com.google.android.apps.authenticator2&hl=en&gl=US)
-Download the app of your choice and install it onto your smartphone.
-
-## How to enable MFA
-
-1. Go to your [Account Security](https://console.scaleway.com/settings/account/security) page.
+1. Download the app of your choice and install it onto your smartphone.
+2. Go to your [Account Security](https://console.scaleway.com/settings/account/security) page.
- If you are logged in as an [IAM Member](/iam/concepts/#member), click **Credentials** in your user overview page and scroll down to the **Multifactor authentication** section.
+ If you are logged in as an [IAM Member](/iam/concepts/#member), click **Credentials** in your user overview page.
-2. Click **Enable MFA**, in the **Multifactor authentication** section. A pop-up displays.
+3. Click **Set up TOTP**, in the **Multifactor authentication** section. A pop-up displays.
3. Enter the code shown on the pop-up into your MFA app, or scan the QR code into your app.
Your app sets up MFA for your Scaleway account and displays a 6-digit code.
-4. Enter the 6-digit authentication code given by your app into the pop-up box, then click **Submit**. A pop-up displays.
-5. Download or copy the backup codes shown, and save them in a safe place. These codes will be the only way to regain access to your account without your MFA app.
+4. Enter the 6-digit authentication code given by your app into the box, then click **Submit**.
+5. Download or copy the backup codes shown, and store them in a safe place. These codes will be the only way to regain access to your account without your TOTP app.
-MFA is now enabled on your account.
+TOTP MFA is now enabled on your account.
-Next time you log in to your Scaleway account, you will be prompted for an MFA code. Use your MFA app to get the code and enter it in the Scaleway console.
+Next time you log in to your Scaleway account, you will be prompted for a TOTP code. Use your TOTP app to get the code and enter it in the Scaleway console.
-## How to update MFA
+### How to update TOTP
-If you no longer have access to the device in which you set up your MFA, you can update your MFA information and set it up via the Scaleway console.
+If you no longer have access to the device in which you set up your TOTP, you can update your TOTP information and set it up via the Scaleway console.
-- A Scaleway account logged into the [console](https://console.scaleway.com)
- [Owner](/iam/concepts/#owner) status or [IAM permissions](/iam/concepts/#permission) allowing you to perform actions in the intended Organization
-- [Enabled MFA](#how-to-enable-mfa) on your account
+- [Enabled TOTP](#how-to-enable-totp) on your account
If you have lost access to your account and are not able to log in, follow the [Cannot log into my account](/account/troubleshooting/cannot-log-into-my-account/) troubleshooting procedure.
1. Go to your [Account Security](https://console.scaleway.com/settings/account/security) page.
-2. Click **Update MFA**, in the **Multifactor authentication** section. A pop-up displays.
+2. Click **Update TOTP**, in the **Multifactor authentication** section. A pop-up displays.
3. Enter the code shown on the pop-up into your MFA app, or scan the QR code into your app.
- Your app sets up MFA for your Scaleway account and displays a 6-digit code.
-4. Enter the 6-digit code given by your app into the pop-up box, and click **Submit**. A pop-up displays.
-5. Download or copy the backup codes shown, and save them in a safe place. These codes will be the only way to regain access to your account without your MFA app.
+ Your app sets up TOTP for your Scaleway account and displays a 6-digit code.
+4. Enter the 6-digit code given by your app into the pop-up box, and click **Submit**.
+5. Download or copy the backup codes shown, and store them in a safe place. These codes will be the only way to regain access to your account without your TOTP app.
+
+### How to delete TOTP
+
+1. Go to your [Account Security](https://console.scaleway.com/settings/account/security) page.
+2. Click **Delete TOTP**, in the **Multifactor authentication** section. A pop-up displays.
+3. Type **DELETE** in the box to confirm, then click **Delete TOTP**.
-## How to disable MFA
+TOTP is now disabled on your account.
- If you disable MFA as a Member of an Organization that has MFA enforced, you will need to re-enable it before the Organization's [grace period](/iam/how-to/comply-with-sec-requirements-member/#grace-period) ends, otherwise your Member account will be locked.
+ If you delete TOTP as a Member of an Organization that has MFA enforced, you will need to re-enable it before the Organization's [grace period](/iam/how-to/comply-with-sec-requirements-member/#grace-period) ends, otherwise your Member account will be locked.
-1. Go to your [Account Security](https://console.scaleway.com/settings/account/security) page.
-2. Click **Disable MFA**, in the **Multifactor authentication** section. A pop-up displays.
-3. Type **DISABLE** in the box to confirm, then click **Disable**.
+## How to enable passkeys
+
+A passkey is a passwordless authentication method that allows you to securely log in to apps and websites through public-key cryptography. Passkeys at Scaleway are supported by the WebAuthn standard.
-MFA is now disabled on your account.
+When you enable a passkey, your password manager or device generates a public/private key pair. The private key stays securely on your device while the public key is sent to Scaleway.
-## How to regain access to your account
+When you log in, the Scaleway sends a challenge to your device. Your device uses the private key to sign the challenge. Scaleway verifies the response using the public key.
-### If you lose your MFA device
+
+ This MFA method is currently not available for IAM Members.
+
-If you lose your authentication device, you can regain access to your account using the backup codes that were generated when you enabled MFA.
+
-When you log into your account, you are prompted for an MFA code.
+- [Owner](/iam/concepts/#owner) status
+- Set up a [password manager](/iam/concepts/#password-manager) on your device
-Enter one of your **backup codes** instead of a code generated by your MFA device in real-time, then click **Log in**. You are logged into your account and can [disable MFA](#how-to-disable-mfa) if you wish.
+1. Go to your [Account Security](https://console.scaleway.com/settings/account/security) page.
+2. Click **+ Add passkey**, in the **Multifactor authentication** section. A pop-up displays.
+3. Enter the passkey name you configured in your password manager.
+4. Click **Start**. Your password manager will be called and a pop-up might appear in your browser.
+5. Follow your password manager's instructions to confirm and finish setting up the passkey.
+ If the process was successful, you will see a pop-up affirming that the **passkey was added**.
+6. Click **Close**.
-### If you lose your MFA device and backup codes
+You see a list of your passkeys.
-If you lose both your MFA app and backup codes, the only way to regain access to your account is through a manual identity verification.
+### How to delete a passkey
-To do so, make a request to our Trust and Safety team. You must make your request from the e-mail address registered on your account. In your email, provide the following information:
+1. Go to your [Account Security](https://console.scaleway.com/settings/account/security) page.
+2. Click , next to the passkey you want to delete in the **Multifactor authentication** section. A pop-up displays.
+3. Type **DELETE** in the box to confirm, then click **Delete passkey**.
-- The telephone number registered on your account
-- If you have an individual account, your passport or local ID card
-- If you have a corporate account, the certificate of incorporation and a copy of the last Scaleway invoice you received
+TOTP is now disabled on your account.
-Submit the complete set of required documents via email to `document@scaleway.com`.
+
+ Keep in mind that the passkey will be deleted from your Scaleway account only. You may need to manually delete it from your authenticator service account.
+
-After analyzing your documents, our team will deactivate your two-factor authentication (2FA).
diff --git a/pages/account/reference-content/protecting-yourself-fraud-phishing.mdx b/pages/account/reference-content/protecting-yourself-fraud-phishing.mdx
index 60844b6f5b..b510476b6a 100644
--- a/pages/account/reference-content/protecting-yourself-fraud-phishing.mdx
+++ b/pages/account/reference-content/protecting-yourself-fraud-phishing.mdx
@@ -31,7 +31,7 @@ Phishing is a method where attackers trick you into providing personal informati
### Multifactor authentication (MFA)
-Enable [Multifactor authentication (MFA) on your Scaleway account](/account/how-to/use-2fa/#how-to-update-mfa) to add an extra layer of security. MFA requires a second form of verification beyond just a password.
+Enable [Multifactor authentication (MFA) on your Scaleway account](/account/how-to/use-2fa/) to add an extra layer of security. MFA requires a second form of verification beyond just a password.
### Strong password practices
diff --git a/pages/account/troubleshooting/cannot-log-into-my-account.mdx b/pages/account/troubleshooting/cannot-log-into-my-account.mdx
index 76e740e044..f0b12a9a1d 100644
--- a/pages/account/troubleshooting/cannot-log-into-my-account.mdx
+++ b/pages/account/troubleshooting/cannot-log-into-my-account.mdx
@@ -27,7 +27,6 @@ You are redirected to the Scaleway console and safely logged into your Scaleway
If [MFA](/account/concepts/#multifactor-authentication-mfa) is enforced for your account, you must also enter the security code received by SMS or provided by an authenticator smartphone app.
-
## I have forgotten my password
If you forgot or lost your password, you need to reset it. There are several methods to recover it:
@@ -35,24 +34,31 @@ If you forgot or lost your password, you need to reset it. There are several met
- [Password reset using email validation](/account/how-to/recover-a-lost-password/#reset-your-password-using-email-validation)
- [Password recovery in case of lost email account](/account/how-to/recover-a-lost-password/#recover-your-password-if-you-lost-access-to-your-email-account)
-## I have lost my 2FA device
+## I have lost my TOTP MFA device
+
+If you lose your authentication device, and do not have a passkey set up, you can regain access to your account using the backup codes that were generated when you enabled TOTP.
+
+When you log into your account, you are prompted for an TOTP code.
+
+Enter one of your **backup codes** instead of a code generated by your MFA device in real-time, then click **Log in**. You are logged into your account and can [delete TOTP](/account/how-to/use-2fa/#how-to-delete-totp) if you wish.
+
+### If you lose your authentication device and backup codes
-Refer to the [How to use two-factor authentication (MFA)](/account/how-to/use-2fa/) page to find the instructions to recover access to your MFA device.
+If you lose both your TOTP MFA app and backup codes, and do not have a passkey set up, the only way to regain access to your account is through a manual identity verification.
-Remember that if you lose both your MFA device and backup codes, you will need to gather all the following information:
+To do so, make a request to our Trust and Safety team. You must make your request from the e-mail address registered on your account. In your email, provide the following information:
-* Email address
-* Postal address
-* If your account is:
- - an individual account, a document proving your identity (passport or local ID card)
- - a corporate account, a copy of a business registration certificate,
- and a certified translation in either English or French if the document was issued in another language
-* A phone number to contact you
-* Copy of your last Scaleway invoice or the amount charged if you do not have a copy
-* A card or bank statement showing your Scaleway invoice debit
+- The telephone number registered on your account
+- If you have an individual account, your passport or local ID card
+- If you have a corporate account, the certificate of incorporation and a copy of the last Scaleway invoice you received
-Once you have gathered all the required documents, the request has to be sent by email to: `document@scaleway.com`.
+Submit the complete set of required documents via email to `document@scaleway.com`.
+
+After analyzing your documents, our team will deactivate your two-factor authentication (MFA).
## SSO authentication is not working
-If the email address of your Google, Microsoft, or GitHub account does not match the email address associated with your Scaleway account, you will not be able to log in using SSO. Make sure both email addresses are the same.
\ No newline at end of file
+If the email address of your Google, Microsoft, or GitHub account does not match the email address associated with your Scaleway account, you will not be able to log in using SSO. Make sure both email addresses are the same.
+
+
+
diff --git a/pages/dedibox-account/concepts.mdx b/pages/dedibox-account/concepts.mdx
index 48835190ce..304065c7c5 100644
--- a/pages/dedibox-account/concepts.mdx
+++ b/pages/dedibox-account/concepts.mdx
@@ -51,4 +51,4 @@ The personal information section of the Scaleway Dedibox console allows you to v
## Security
-The security section of the Scaleway Dedibox console allows you to configure optional multifactor authentication to increase the security of your account. You can configure MFA using authentications applications such as Authy or Google Authenticator. French residents cans optionally also configure MFA by SMS.
\ No newline at end of file
+The security section of the Scaleway Dedibox console allows you to configure optional multifactor authentication to increase the security of your account. You can configure MFA using authentications applications or password managers. French residents cans optionally also configure MFA by SMS.
\ No newline at end of file
diff --git a/pages/iam/how-to/enforce-security-requirements-members.mdx b/pages/iam/how-to/enforce-security-requirements-members.mdx
index e24a43613a..f80e902371 100644
--- a/pages/iam/how-to/enforce-security-requirements-members.mdx
+++ b/pages/iam/how-to/enforce-security-requirements-members.mdx
@@ -21,7 +21,7 @@ For the increased security of your Organization, you can enforce different secur
## How to disable a member's MFA
-If [Multifactor Authentication (MFA) is enabled](/account/how-to/use-2fa) for a member you can disable it anytime. Disabling MFA is useful if the member loses access to their authentication app and needs to reset MFA.
+If [Multifactor Authentication (MFA) is enabled](/account/how-to/use-2fa) for a member you can disable it anytime. Disabling MFA is useful if the member needs to reset MFA.
1. Click **IAM & API keys** on the top-right drop-down menu of the Scaleway console. The **Users** tab of the [Identity and Access Management dashboard](https://console.scaleway.com/iam/users) displays.
2. Click the name of the member you want to delete. Alternatively, click next to the member, and select **Overview**. Either way, you are taken to the user's **Overview** tab.
From 2e1be1acf0200bb7fb325a7b0233d7a92d681e62 Mon Sep 17 00:00:00 2001
From: ldecarvalho-doc <82805470+ldecarvalho-doc@users.noreply.github.com>
Date: Thu, 2 Oct 2025 10:14:05 +0200
Subject: [PATCH 2/4] fix(acc): reviews bene
Co-authored-by: Benedikt Rollik
---
pages/account/concepts.mdx | 2 +-
pages/account/how-to/use-2fa.mdx | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/pages/account/concepts.mdx b/pages/account/concepts.mdx
index 9506bdee04..e7b3c0d46e 100644
--- a/pages/account/concepts.mdx
+++ b/pages/account/concepts.mdx
@@ -40,7 +40,7 @@ A **M**edia **A**ccess **C**ontrol Address is a unique ID assigned to network in
Multifactor authentication provides extra layers of security. In addition to your password (the first factor), other factors (such as TOTP and passkeys) are required to access your account.
-You can enable Multifactor Authentication (MFA) on your Scaleway account for heightened security. Even in the event of a leaked password, your account is protected.
+You can enable Multifactor Authentication (MFA) on your Scaleway account for enhanced security. Even in the event of a leaked password, your account is protected.
Two MFA methods are available:
- **One-time password (TOTP)** - method through which you access your account using a unique, time-based validation code generated by an app.
diff --git a/pages/account/how-to/use-2fa.mdx b/pages/account/how-to/use-2fa.mdx
index 7a6f19aaf3..635f20fee9 100644
--- a/pages/account/how-to/use-2fa.mdx
+++ b/pages/account/how-to/use-2fa.mdx
@@ -10,7 +10,7 @@ import Requirements from '@macros/iam/requirements.mdx'
Multifactor authentication provides extra layers of security. In addition to your password (the first factor), other factors (such as TOTP and passkeys) are required to access your account.
-You can enable Multifactor Authentication (MFA) on your Scaleway account for heightened security. Even in the event of a leaked password, your account is protected.
+You can enable Multifactor Authentication (MFA) on your Scaleway account for enhanced security. Even in the event of a leaked password, your account is protected.
Two MFA methods are available:
- **One-time password (TOTP)** - method through which you access your account using a unique, time-based validation code generated by an app.
From 63157e202e538c2b0281b915da8209f16c94a83e Mon Sep 17 00:00:00 2001
From: ldecarvalho-doc <82805470+ldecarvalho-doc@users.noreply.github.com>
Date: Thu, 2 Oct 2025 17:14:38 +0200
Subject: [PATCH 3/4] fix(acc): review ro
---
pages/account/concepts.mdx | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/pages/account/concepts.mdx b/pages/account/concepts.mdx
index e7b3c0d46e..55afae5a32 100644
--- a/pages/account/concepts.mdx
+++ b/pages/account/concepts.mdx
@@ -38,7 +38,7 @@ A **M**edia **A**ccess **C**ontrol Address is a unique ID assigned to network in
## Multifactor Authentication (MFA)
-Multifactor authentication provides extra layers of security. In addition to your password (the first factor), other factors (such as TOTP and passkeys) are required to access your account.
+Multifactor authentication provides extra layers of security. In addition to your password (the first factor), other factors (such as one-time passwords and passkeys) are required to access your account.
You can enable Multifactor Authentication (MFA) on your Scaleway account for enhanced security. Even in the event of a leaked password, your account is protected.
From 0adaeb70b24fb767d3be7b9df0115a91ba257042 Mon Sep 17 00:00:00 2001
From: ldecarvalho-doc <82805470+ldecarvalho-doc@users.noreply.github.com>
Date: Mon, 6 Oct 2025 10:42:19 +0200
Subject: [PATCH 4/4] feat(acc): review cyprien
---
pages/account/concepts.mdx | 4 ++--
pages/account/how-to/use-2fa.mdx | 4 ++--
pages/account/troubleshooting/cannot-log-into-my-account.mdx | 5 +----
3 files changed, 5 insertions(+), 8 deletions(-)
diff --git a/pages/account/concepts.mdx b/pages/account/concepts.mdx
index 55afae5a32..444be28a8c 100644
--- a/pages/account/concepts.mdx
+++ b/pages/account/concepts.mdx
@@ -38,13 +38,13 @@ A **M**edia **A**ccess **C**ontrol Address is a unique ID assigned to network in
## Multifactor Authentication (MFA)
-Multifactor authentication provides extra layers of security. In addition to your password (the first factor), other factors (such as one-time passwords and passkeys) are required to access your account.
+Multifactor authentication provides extra layers of security. In addition to the first factor (password, authentication code or SSO, for example), other factors (such as one-time passwords and passkeys) are required to access your account.
You can enable Multifactor Authentication (MFA) on your Scaleway account for enhanced security. Even in the event of a leaked password, your account is protected.
Two MFA methods are available:
- **One-time password (TOTP)** - method through which you access your account using a unique, time-based validation code generated by an app.
- - **Passkey** - secure authentication method that eliminates the need to create, manage, or remember passwords.
+ - **Passkey** - a secure authentication method based on public-key cryptography that replaces traditional passwords. Instead of entering a password, you prove your identity using something you have (like your device) and something you know or are (like a PIN or biometric verification).
## Password
diff --git a/pages/account/how-to/use-2fa.mdx b/pages/account/how-to/use-2fa.mdx
index 635f20fee9..f4926ff1c3 100644
--- a/pages/account/how-to/use-2fa.mdx
+++ b/pages/account/how-to/use-2fa.mdx
@@ -26,7 +26,7 @@ Two MFA methods are available:
## How to enable TOTP
-To use TOTP on your account, you first need to download a TOTP app onto your smartphone. Once configured, TOTP apps display a constantly rotating set of codes to use with your different accounts when you are prompted for one during login. Popular TOTP apps include:
+To use TOTP on your account, you first need to download an authenticator tool. Once configured, TOTP apps display a constantly rotating set of codes to use with your different accounts when you are prompted for one during login. Popular TOTP apps include:
- [Authy](https://authy.com/download/)
- [FreeOTP](https://freeotp.github.io/)
- [Google Authenticator](https://play.google.com/store/apps/details?id=com.google.android.apps.authenticator2&hl=en&gl=US)
@@ -82,7 +82,7 @@ TOTP is now disabled on your account.
A passkey is a passwordless authentication method that allows you to securely log in to apps and websites through public-key cryptography. Passkeys at Scaleway are supported by the WebAuthn standard.
-When you enable a passkey, your password manager or device generates a public/private key pair. The private key stays securely on your device while the public key is sent to Scaleway.
+When you enable a passkey, your authenticator tool generates a public/private key pair. The private key stays securely on your device while the public key is sent to Scaleway.
When you log in, the Scaleway sends a challenge to your device. Your device uses the private key to sign the challenge. Scaleway verifies the response using the public key.
diff --git a/pages/account/troubleshooting/cannot-log-into-my-account.mdx b/pages/account/troubleshooting/cannot-log-into-my-account.mdx
index f0b12a9a1d..ec2e52abc6 100644
--- a/pages/account/troubleshooting/cannot-log-into-my-account.mdx
+++ b/pages/account/troubleshooting/cannot-log-into-my-account.mdx
@@ -58,7 +58,4 @@ After analyzing your documents, our team will deactivate your two-factor authent
## SSO authentication is not working
-If the email address of your Google, Microsoft, or GitHub account does not match the email address associated with your Scaleway account, you will not be able to log in using SSO. Make sure both email addresses are the same.
-
-
-
+If the email address of your Google, Microsoft, or GitHub account does not match the email address associated with your Scaleway account, you will not be able to log in using SSO. Make sure both email addresses are the same.
\ No newline at end of file