Multi-factor Options

Multi-factor Authentication

Following multi-factor authentication (MFA) methods are supported.

Authentication MethodEnabledDescription
One-time password (TOTP)YesTime-based one-time password. Requires user to install Authenticator apps like Google Authenticator or Authy and sync secretes using barcode scanning.
One-time password (HOTP)NoHMAC-based one-time password. Requires user to install Authenticator apps like Google Authenticator or Authy and sync secretes using barcode scanning.
Backup codesYesLong-lived backup or recovery codes which can be saved somewhere safe for emergency use.
EmailYesOne-time password sent by email. Avoid using this method if password recovery method is email-based. Requires verified email.
SMSNoOne-time password sent by email. Avoid using this method if password recovery method is SMS-based. Requires verified mobile number.
Trusted DeviceYesAllow user to trust the browser and skip two-factor authentication for next 30 days.
FIDO2 and WebAuthn-Coming soon.
important
  • Multi-factor authentication is not supported for passwordless login.
  • Multi-factor authentication can be enabled only at user level.
  • A user need to opt-in before being asked for multi-factor authentication.

Multi-factor Options

Navigate to Tenant and then find Multi-factor Options panel under Tenant Settings tab. You can enable or disable one or more multi-factor authentication methods and click Update Details.

Manage Multi-factor Options
Manage Multi-factor Options