What is MFA?
Multi-factor Authentication (MFA) is an authentication method that requires the user to provide two verification factors to gain access to Ninety. That means when logging in with an email, it will send the user a verification code via text to enter into Ninety login.
Company Required MFA
An Owner/Admin can require all users accessing an account to use MFA. To do this, Visit Settings > Configuration, and toggle on "Require MFA" in the Henryx section.
The user that turns this on will be unaffected by the change until they log out of their current session. At the next login, the owner will follow the same MFA flow as their other users.
Users in an account with Required MFA on:
At the next login, they will be presented with the enter phone number modal that will not allow them to access their account until a phone number is verified.
For all future logins, users will receive a text verification each time they log in.
It will not prompt if the user uses social sign-in. (Their social login is considered their multi-factor login)
Even if the user is in multiple accounts, only one company requiring MFA will require the user to use it on each login.
User Activated MFA
If a company does not want to require MFA, a user can still turn it on for themself. You cannot control this for another user.
To turn it on for yourself, go to My Account and visit the Account Details section. Toggle on "Enable MFA," and you will be required to verify the phone number. On the next login, you will be required to use text verification.