Configure multi-factor authentication
Last updated: November 6, 2024
Multi-factor authentication (MFA) provides an additional layer of verification for Dashboard access when you log in using your email address and password.
If your organization leverages single sign-on (SSO), MFA will not be available within the Dashboard.
You can configure two types of MFA method for your account:
- Authenticator application - Use an authenticator application, such as Google Authenticator, Okta Verify, or Microsoft Authenticator.
- Security key or biometric authenticator - Use a biometric method, such as your fingerprint or a security key device.
When you set up both MFA methods, the security key or biometric authentication takes priority over the authenticator app.
Shared or group accounts are not supported. Ensure that all of your users sign in using their own credentials.
After configuring an MFA method for your account, you must always have a valid MFA method to log in.
Before you begin, ensure that your phone has an authenticator app installed, such as Google Authenticator, Okta Verify, Microsoft Authenticator, or Salesforce Authenticator.
To configure an authenticator app for your account:
- Sign in to the Dashboard.
- Select your profile icon.
- Select Security.
- Navigate to the Multi-factor authentication section.
- Under Authenticator app, select Set up.
- Authenticate with your password or existing MFA method to confirm the setup.
The Dashboard screen displays a QR code. - On your phone, open your desired authenticator app and add a new account.
- When the authenticator app prompts you to scan a QR code, scan the code shown on your Dashboard screen.
If you cannot scan the QR code, you can manually add the code displayed. - Select Continue.
- Enter the one-time password provided by your authenticator app to finish the setup.
Next time you log in, you must validate your identity by passing the one-time code provided by your authentication app.
To configure a touch or facial recognition method for your account:
- Sign in to the Dashboard.
- Select your profile icon.
- Select Security.
- Navigate to the Multi-factor authentication section.
- Under Security key or biometric authenticator, select Set up.
- Authenticate using your MFA method to confirm the method removal.
- Select the security key option that you want to configure.
Depending on your operating system and browser, you might see different options. - Follow the instructions on your screen to complete your setup.
Next time you sign in, you must validate your identity using the security key or biometric method you've configured.
You can remove any of your configured MFA methods from the security settings in your profile.
If you remove all of your MFA methods, you must re-enroll at least one MFA method next time you log in.
- Sign in to the Dashboard.
- Select your profile icon.
- Select Security.
- Navigate to the Multi-factor authentication section.
- Select Remove under the authentication method you want to delete.
- Complete an authentication request with the MFA method to confirm method removal.
You can reset the MFA method for any other user in your organization who might have been locked out of their account.
This process resets all MFA methods associated with the user. The user must re-enroll their MFA method the next time they log in.
Before you begin, ensure that your profile has the Owner or IAM Admin role assigned to it. If not, you must contact the organization administrator to reset your MFA method.
- Sign in to the Dashboard.
- Select the Settings icon in the top navigation bar and open the User permissions tab.
- Under the Users section, select the user for which you want to reset the MFA method.
- Under Authentication method, next to Multi-factor authentication (MFA), select Reset.
- Confirm the MFA reset when prompted.