View 2FA actions in the User Audit Report
All Two-Factor Authentication (2FA) actions performed on the All Devices view are recorded in the User Audit Report. These actions include, when 2FA was activated and verified for a user, along with any problems resetting the account, and so on.
- In the All Devices view, go to Reports > User Audit Report.
- Select the timeframe, user, action and event from the drop-down menus.
- Click Generate to open the HTML report or download the CSV Export.
User Audit Report: 2FA content filters
- 2FA Reset Failed
- incorrect recovery code
- retry limit exceeded
- Company
- Two-Factor Authentication: On
- Two-Factor Authentication: Off
- Dashboard Security
- name - 2FA enabled
- name - 2FA disabled
- User
- User logged in: name 2FA activated
- User logged in: name with 2FA
- User logged in: name 2FA deactivated
- User Login Failed: incorrect 2FA security code
- User Login Setting: IP verification disabled for user name
Pagination
Even when filtered, the User Audit Report may return a large amount of data. To limit the number of rows displayed per page, enter the desired number in Rows per page, then use the arrows to move between pages. Select 
refresh to reload the report.
Pagination settings do not apply to the CSV Export of the User Audit Report.
Report export options
After you generate a User Audit Report, two export options appear above the North-pane:
- CSV Export: Saves all filtered data (including hidden columns) as a CSV file. The file is named using the format DATE_FROM-UserAuditReport.csv (for example, 2025-08-01-UserAuditReport.csv).
- Print: Prints the current report view as displayed. Hidden columns are excluded. Available print options depend on the configuration of the device used to view the report.
What do you want to do?