Two-Factor Authentication (2FA) in SAP CCv2 and my experience with device change

Nuray Fahri
2 min readNov 24, 2023


As we know in response to heightened security measures, SAP has introduced a mandatory Two-Factor Authentication (2FA) policy for all new users on the Cloud Portal.

This week, I found myself needing to change my device and reconfigure 2FA. When faced with the situation of losing a 2FA device and the necessity to set it up on a new one, SAP recommends reaching out to an individual with a CUSTOMER_SYS_ADMIN role. This person can delete the user profile and recreate it in the Cloud Portal, allowing the user to log in and configure 2FA on their new device. Read here:

This process proved tricky for me as my user account was associated with 3 SAP Commerce Cloud subscriptions. Initially, we remove it from just one subscription, only to realize later that deletion from all subscriptions was necessary to access the 2FA reconfiguration page.

Given the absence of readily available information and limited support from the SAP Support team, I spent an entire day trying to resolve the issue. The key takeaway is the importance of removing the user account from all subscriptions for a seamless 2FA reconfiguration process.

I hope this information to be valuable to others encountering similar issue, assisting them in a quicker resolution in the future.