Configure multi-factor authentication
Last updated: September 3, 2024
Multi-factor authentication (MFA) provides an additional layer of verification for Dashboard access when you log in using your email address and password.
If your organization leverages single sign-on (SSO), MFA will not be available within Dashboard.
You can configure two types of multi-factor authentication methods for your account:
- Authenticator application - Use an authenticator application, such as Google Authenticator, Okta Verify, or Microsoft Authenticator.
- Security key or biometric authenticator - Use a biometric method, such as your fingerprint or a security key device.
When you set up both MFA methods, the prioritized method depends on your browser:
- If you're using Chrome or Firefox, you are prompted for a security key or biometric authentication.
- If you're using Safari, you can choose the MFA method you want to use.
After configuring an MFA method for your account, you must always have a valid MFA method to log in.
Before you begin, ensure that your phone has an authenticator app installed, such as Google Authenticator, Okta Verify, Microsoft Authenticator, or Salesforce Authenticator.
To configure an authenticator app for your account:
- Sign in to the Dashboard.
- Select your profile icon.
- Select Security.
- Navigate to the Multi-factor authentication section.
- Under Authenticator app, select Set up.
- Authenticate with your password or existing MFA method to confirm the setup.
The Dashboard screen displays a QR code. - On your phone, open your desired authenticator app and add a new account.
- When the authenticator app prompts you to scan a QR code, scan the code shown on your Dashboard screen.
If you cannot scan the QR code, you can manually add the code displayed. - Select Continue.
- Enter the one-time password provided by your authenticator app to finish the setup.
Next time you log in, you must validate your identity by passing the one-time code provided by your authentication app.
To configure a touch or facial recognition method for your account:
- Sign in to the Dashboard.
- Select your profile icon.
- Select Security.
- Navigate to the Multi-factor authentication section.
- Under Security key or biometric authenticator, select Set up.
- Authenticate using your MFA method to confirm the method removal.
- Select the security key option that you want to configure.
Depending on your operating system and browser, you might see different options. - Follow the instructions on your screen to complete your setup.
Next time you log in, you must validate your identity using the security key or biometric method you've configured.
You can remove any of your configured MFA methods from the security settings in your profile.
If you remove all of your MFA methods, you must re-enroll at least one MFA method next time you log in.
- Sign in to the Dashboard.
- Select your profile icon.
- Select Security.
- Navigate to the Multi-factor authentication section.
- Select Remove under the authentication method you want to delete.
- Complete an authentication request with the MFA method to confirm method removal.
You can reset the MFA method for any other user in your organization who might have been locked out of their account.
This process resets all MFA methods associated with the user. The user must re-enroll their MFA method the next time they log in.
Before you begin, ensure that your profile has the Owner or IAM Admin role assigned to it. If not, you must contact the organization administrator to reset your MFA method.
- Sign in to the Dashboard.
- Navigate to Settings and select the Team Permissions tab.
- Under Users section, find the user for whom you want to reset the MFA method.
- Select the ... icon next to the user's name and select Edit user.
- Under Authentication method, next to Multi-factor authentication (MFA), select Reset.
- Confirm the MFA reset when prompted.