Multi Factor Authentication for organizations
This function allows you to further secure your client's account log in via one-time use through email or SMS text messages.
If enabled on your portal, ALL organization log ins will immediately be forced to enroll on their next log in attempt. Additionally, you can decide if you want to give your organizations the option to enroll, or "Opt-Out", if they choose.
SMS setup instructions
Our SMS based multi factor authentication will send a text message code to the enrolled mobile phone number.
To get started, log in to your portal and navigate to Configurations + Client Users. Scroll to the Multi Factor Authentication (MFA) header, select the check box and save your changes.
If you don't see this option, your account may not have high enough profile privileges to enable this feature within the portal. Please check that the "Profile", selected for your account is the same as a Profile with the "Master Admin" option enabled.
Once enabled on your portal, the next log in via your organization's standard username/password will begin the enrollment process. This will now be a requirement for all your organizations.
After initial successful log in, your client will be prompted to enter a phone number.
The organization will need to confirm the first received text message. After validation, the user will need to select Finish to log in to their portal.
After that initial setup, subsequent log in attempts will simply require user to enter the SMS code going forward.
Congratulations, that's it! Your organization accounts are now protected via Multi Factor Authentication.
If you decide to later turn this off and re-enable in the future, all previously configured organizations will need to follow the enrollment steps again.
Email setup instructions
Our email based MFA will send an email code to the enrolled email address.
To get started, log in to your portal and navigate to Configurations + Client Users. Scroll to the Multi Factor Authentication (MFA) header, select the check box and save your changes.
If you don't see this option, your account may not have high enough profile privileges to enable this feature within the portal. Please check that the "Profile", selected for your account is the same as a Profile with the "Master Admin" option enabled.
Once enabled on your portal, the next log in via your organization's standard username/password will begin the enrollment process. This will now be a requirement for all your organizations.
After initial successful log in, your client will be prompted to enter their email address.
The organization will need to confirm the first received email. After validation, the user will need to select Finish to log in to their portal.
MFA client opt-out
If you elect to give your clients the choice of doing MFA, this can be enabled under the main "Multi Factor Authentication" section.
Once enabled, the enrollment screen is slightly modified with a button allowing the user to skip.
If the user selects "Skip for Now", this preference is remembered, and the client is directed straight to the main dashboard on subsequent attempts.
If the user decides to enroll with MFA at a later time, this can be done by navigating to the top left 3-bar menu, and selecting "Enable MFA".
The user will have a dialog window to confirm their intentions, and will be logged out, if enabled.
Troubleshooting
If your organization does not have access to or needs a different mobile phone number or email tied to the account, the "enrollment" process will need to be repeated.
Another admin from your organization can do a "RESET" under the given organization's account. This ONLY does a reset for the account in question and does NOT force other organizations to "re-enroll".
On the company overview page, click on "Organization Details".
Find the contact in question, and expand for details. Select "RESET TWO FACTOR".
This completes the manual reset for an organization account.
NOTE Doing a "reset" also clears the saved "Skip For Now" preference on the contact.
