MFA
Multi-factor authentication (MFA) is an access control technique that requires a user to provide one or more additional proofs of identity on top of the password and username.
This feature is available in the Essential plan and higher.
You may set up MFA for your account in Control Panel > Profile (top right corner) > Security.
By enabling MFA you will be prompted to enter a security code from an TOTP-based authentication app (e.g. Google Authenticator, Microsoft Authenticator, Authy or 1Password) every time you log in.
Backup Codes
When setting up MFA, a set of backup codes will be automatically generated for you.
These are one-time codes that can be used if you lose access to your primary MFA device, ensuring you can always securely regain access to your account.
Each backup code can only be used once. You can regenerate these codes at any time, which will invalidate any previously generated codes to maintain security.
If you use a backup code to log in, you can disable MFA using your password. The option to regenerate backup codes will be disabled until a new MFA is set up or until logging in with your current MFA.
Protect your backup codes as if they were passwords.
Managing Team MFA
You may manage Team MFA in Control Panel > Settings > MFA & Login Security.
Once enabled, Team Admins or Members will be forced to use MFA while logging in to the Control Panel, Client Application, or both, depending on your configuration.
Additionally, you may require MFA before every Client Application connection and after a set period.
Users without existing MFA will be prompted for setup upon their next login.
Reset of MFA
To reset your MFA, ask your Team Admin or contact our technical support.
Team Admin can reset user's MFA in Control Panel > Members > Edit button of the Member. This action is not performed immediately but requires the user to take action upon receiving an email and precisely navigate to setting up a new MFA; the old MFA is invalidated after the new one is set up.
Last updated