Multi-factor authentication (MFA) is a security measure that requires users to verify their identity using two or more distinct verification methods before granting access to a resource. This adds an extra layer of protection beyond passwords alone, making it much harder for unauthorized individuals to gain access even if they have stolen or guessed a password.
In Core, MFA can be enabled using an Association Setting under the Access tab.
Once enabled, staff can choose which authentication method they would like to use.
If the email and phone fields in the staff profile are not already populated, staff can enter their phone number and email address. If they are already populated, this information can only be changed on the staff person's Core User profile. Depending on the staff's permission level, another staff with the Manage Staff permission may need to input this information instead.