What is multi-factor authentication (MFA)?
Multi-factor authentication (MFA) is a layered approach to securing data and applications, where it requires a user to present a combination of two or more credentials to verify a user's identity when logging in to an application or system.
With the extra layer of security, you can rest assured that your users are protected from potential malicious intent.
How to activate and enforce Multi-factor authentication
Only System administrators can activate MFA and to ensure a gradual roll-out of the new authentication method, all changes apply after the next login.
- Click Administration
- Click System & template
- Click Security
- Toggle Use an authenticator app
You can enforce MFA for the whole company or organisation or select specific roles or users:
- Enforce for all users
- Enforce for System administrators
- Enforce for individual users
Note: If you select Enforce for individual users, you need to go to each user in the User directory and click "Enforce MFA" on the user profile.
Deactivate Multi-factor authentication
Deactivation of MFA is not recommended. Please notify the person responsible for cyber/information security within your organisation before deactivating MFA.
Toggle the Use Authenticator app button mentioned above to turn it off. Remember that toggling off any of the "Enforce..." buttons doesn't actually turn off MFA, and users who activated MFA will still use it until they reset it.
Reset a user's MFA configuration
If a user can't sign in, a System administrator can reset the MFA configuration from the user directory:
- Click Administration
- Click Users & teams
- Find the user in the user directory
- Click on the user
- Click Reset MFA