Sign in to Incident Response using single sign-on or multi-factor authentication

Access Incident Response features and functionalities using SSO or multi-factor authentication (MFA).

Before you begin

Role required: Responder, Manager, or Administrator


  1. Navigate to https://<subdomain>
    Incident Response Login page.
  2. In the Email field, enter your office email address and click Next.
    If you have single sign-on (SSO) enabled You are redirected to your Identity Provider to continue the sign-in process.
    If you do not have single sign-on (SSO) enabled
    Incident Response accounts can require multi-factor authentication.
    Note: MFA must be enabled on an account prior to setting it up. See Enable multi-factor authentication.

    Once MFA is enabled, the first time you sign-on to Incident Response, you are asked to setup multi-factor authentication (MFA). For configuration see, Set up multi-factor authentication.

    Perform the following steps to sign-on:
    1. In the Password field, enter the password and click Log in.
      MFA authentication.
    2. Open the authenticator on your mobile device or browser extension for the 6-digit code. This code refreshes every 30 seconds. For information on authenticators on your mobile device, see Set up multi-factor authentication.
    3. In the Enter 6-digit verification code field, enter the code generated by the authenticator app.
    4. (Optional) Select Do not challenge for MFA on this browser for the next 8 hours to skip the authenticator when you log in during the next 8 hours.
    5. Click Log in.

      You are directed to the Incident Response Home page.

    Note: If you do not have your mobile or cannot access your 6-digit verification code, click the link in the following message that appears on top of the screen:
    Link to generate OTP.
    A code will be sent to your email. You can use the code to login. The code is valid only for one session.
    Note: If you have trouble logging in, contact support using the chat icon (Chat icon.).