Setting up Multi-Factor Authentication

To access your Prisidio vault, you will need a secondary authentication method upon each login to confirm your identity. There are four types of MFA currently supported by Prisidio to help ensure your identity and protect your account.

Authentication apps from Google, Microsoft, Okta, and others provide a constantly changing, randomly generated 6-digit one-time password (OTP). Each time you log in to Prisidio, you will need to navigate to the app on your mobile phone and retrieve the 6-digit code.

This is one of the most secure MFA options for protecting your Prisidio account.

A code can be sent to your mobile phone as a 6-digit one-time password (OTP). Whenever you attempt to log in to Prisidio, a text message will be sent to your phone with an OTP.

While supported, Prisidio strongly recommends using either an authenticator app or a hardware security key for greater security.

For text message verification, users are required to enter a US-based phone number only.

The Auth0 Guardian app sends a push notification each time you try to log in to Prisidio that you can either allow or deny on your mobile device.

Prisidio supports hardware security keys as a multi-factor authentication (MFA) option. Hardware security keys are physical devices used to verify your identity during sign-in and provide an additional layer of account protection.

Prisidio supports security keys that follow the FIDO2/WebAuthn standard.

Examples include:

Prisidio does not maintain a certified compatibility list for hardware security keys. In general, any hardware security key supporting the FIDO2/WebAuthn standard should work.

Depending on your device and hardware key model, you may be asked to:

Hardware security keys are supported in most modern browsers, including:

For the best experience, make sure your browser and operating system are updated to the latest version.

Some mobile devices may require NFC-compatible hardware keys. Older browsers or operating systems may not fully support FIDO2/WebAuthn authentication.

While creating your Prisidio account, you will be prompted to choose one of the available MFA options: Text Message, Mobile Authenticator App, Auth0 Guardian, or Security Key.

If you select the "Text Message" option, you will be prompted to enter a valid phone number. Once you’ve entered your phone number, select Next and then enter the code sent to your phone.

While this is a supported option, Prisidio strongly recommends using one of the authenticator app options or a hardware security key for greater security.

For text message verification, users are required to enter a US-based phone number only.

If you choose the "Mobile Authenticator App" option, you will need to have an authentication app installed on your phone. If you do not already have an authentication app installed, you can go to your device’s app store and install the app you wish to use.

Authentication apps offered by Google, Microsoft, and Okta are some of the more popular options being used today.

After choosing the "Mobile Authenticator App" option, launch your authenticator app on your phone and scan the QR code. Select the button to continue and enter the code from your authentication app to complete the setup process.

If you select the "Auth0 Guardian" option, you will need to have the Auth0 Guardian app installed on your mobile device.

After choosing the "Auth0 Guardian" option, launch Auth0 Guardian on your phone and scan the QR code. A notification will be sent to your phone. Locate the notification and choose to allow the connection to complete the process.

Going forward, every time you log in to Prisidio, a push notification will be sent to your phone for authentication.

Note that this QR code is different from the one provided under "Mobile Authenticator App" and only works with the Auth0 Guardian app.

If you select the "Hardware Security Key" option, follow the prompts provided by your browser and operating system to register your hardware key.

Depending on your hardware key and device, you may be asked to:

Once registration is complete, your hardware security key can be used during future logins to verify your identity.

Prisidio recommends registering an additional MFA method whenever possible in case your hardware security key is lost or unavailable.

When using Google, Microsoft, Okta, or other authenticator apps, the OTP will typically reset every 30 seconds. If the OTP expires before you finish entering it, you will need to enter a newly generated OTP.

Text message verification codes may also expire after a short period of time and may require a new code request.

You are required to configure multi-factor authentication to log in to Prisidio. MFA cannot be disabled.

In addition, anyone who accepts an invitation to join your vault will also be required to configure multi-factor authentication as part of their setup process.