Modern Multi-Factor Authentication (MFA) at Ninety

Starting on 11 December 2025, all new users can secure their Ninety login credentials with either:

• Single-sign on (SSO) from Microsoft of Google.
• Temporary one-time password (TOTP) generation to a preferred authenticator app.

Existing users with accounts started before 11 December 2025, can still utilize SMS as their preferred or backup MFA option. More details below.

How to Require MFA for Your Company

An Owner or Admin can require all users to use MFA by visiting Settings > Configuration and toggling on Require MFA in the Security section — for new users, the security may say Require Authenticator for all users of company instead. The user who turns this on is unaffected by the change until they log out of their current session. At the next login, the owner follows the MFA requirements.

After enabling MFA for your company, team members who use an email address and password to log in (not SSO) will need to use MFA the next time they log in.

For example, after an Owner or an Admin enables requiring MFA for all users on their account, the next time one of their team members attempts to log into Ninety, they'll be prompted to set up MFA with an authenticator app of their choice.

How to Set Up MFA for an Individual Account

If a company does not require MFA, a user can still enable it for personal use by visiting User Settings > Account.

To activate MFA with an authenticator app:

1. Click your name at the bottom of the left navigation.
2. Click User Settings from the option shown in the popup.
3. Click Account from the user setting navigation options.
4. Identify the Authenticator section and click Set up your authenticator app.
5. Scan the QR code using a trusted authenticator app, such as Google Authenticator or Authy.
6. Enter the six-digit code from the authenticator app and click Verify.

If your company does require MFA for your Ninety login, the first time you sign in, you'll be prompted to set up an authenticator app before accessing Ninety. To do so, you'll download a trusted authenticator app on your smartphone, scan the QR code, and enter the six-digit code from the app to verify.

How to Switch Authenticator Apps

To switch apps after enabling an authenticator:

1. Navigate to User Settings > Account. 
2. Click Change authenticator app to switch to another trusted app. 
3. Verify your password before scanning the QR code and entering the code.

How to Delete an Authenticator App Connection

If you'd like to remove the connection between Ninety and an authenticator app from our platform:

1. Navigate to User Settings > Account.
2. Click the trash can icon on the right side of the Authenticator section.
3. Confirm your choice by clicking Remove on the popup.

Legacy SMS Verification

If you created your Ninety account before 11 December 2025, you can still utilize SMS as your preferred or backup method for MFA.

If you have access to MFA via SMS, follow these directions to set it up:

1. Navigate to User Settings > Account.
2. Verify your phone number in the Login Information section.
3. Enable SMS.

How to Troubleshoot Login and MFA Issues

Having trouble logging in? This section walks you through common MFA issues and how to resolve them.

“I'm Stuck in a Verification Code Loop”

If you enter your MFA code and are repeatedly sent back to the login screen, this typically indicates a temporary authentication issue. Here's how to resolve it:

1. Clear your browser cache and cookies.
   1. Chrome: Settings > Privacy and security > Clear browsing data.
   2. Safari: Safari menu > Clear History.
   3. Edge: Settings > Privacy, search, and services > Clear browsing data.
2. Try logging in using an incognito or private browsing window.
3. Try a different browser (Chrome typically works best, but you can also try Safari, Firefox, or Edge, among others).

If the problem persists or if multiple people in your organization are experiencing the same issue simultaneously, there may be a system-wide authentication issue. In this case:

• Ask your Admin or Owner (in Ninety) to temporarily disable MFA for your company (instructions below).
• Once you've successfully logged in, you can re-enable MFA.
• If you continue to experience issues, please contact our support team.

“I'm Not Receiving MFA Codes”

If you're not receiving verification codes via SMA or email, check the following.

For SMS codes (for legacy accounts):

• Verify your phone number is correct in your user settings.
• Check if your phone carrier is blocking short codes or automated messages.

For email codes:

• Check your spam or junk folder.
• Add “@ninety.io” to your email contacts or safe senders list.
• Verify that your corporate email security settings are not filtering out messages.
• Ensure the email address associated with your account is correct in your user settings.

“I Can't Disable MFA Because I Can't Log In”

If you're locked out and can't access your account to disable MFA, consider the following.

If you're an Admin or Owner in Ninety:

• Contact our support team for assistance.
• We can temporarily disable MFA so you can regain access.

If you're a Manager or Managee/Team Member:

• Ask your company's Admin or Owner to disable MFA for you, then try logging in again.

“My Password Reset Emails Aren't Arriving”

If you requested a password reset but haven't received the email:

1. Check your spam or junk folder.
2. Verify you're using the correct email address (the one associated with your Ninety account).
3. Wait 5-10 minutes, as some email servers delay automated messages.
4. Add “@ninety.io” to your email safe senders list and try again.
5. If you still haven't received the email after multiple attempts, please contact your Admin or Owner for assistance, or reach out to our support team.

How to Turn Off MFA for Your Users

There are times when you may need to temporarily disable MFA, such as troubleshooting login issues or accommodating specific user needs. Here's how to turn off MFA based on your role and situation.

Who Can Disable MFA?

• Owners and Admins can disable MFA for the entire company in Company Settings > Configuration.
• Individual users can disable their own MFA requirement if MFA isn't required company-wide.

Disabling MFA Company-Wide (Owners and Admins Only)

To turn off MFA for your entire organization:

1. Log in to Ninety.
2. Click your profile picture in the bottom left corner.
3. Click Company Settings.
4. Click Configuration.
5. Navigate (scroll down) to the Security section.
6. Toggle off Require MFA.

Once disabled, users will no longer be prompted for verification codes when logging in. You can re-enable MFA at any time by following the same steps and toggling it back on.

Disable MFA for Your Own Account

If your company allows individual MFA control, you turn it off for yourself:

1. Log in to Ninety.
2. Click your profile picture in the bottom left corner.
3. Click User Settings.
4. Click Account.
5. Toggle off MFA.

Note: This is not applicable if you use SSO to log in to Ninety.

If your company requires MFA for all users, this option will be unavailable. Contact your Admin or Owner if you need MFA disabled due to login issues.

When to Disable MFA Temporarily

Consider temporarily disabling MFA in these situations:

• Users are experiencing widespread login issues (verification code loops).
• A critical team meeting or deadline requires immediate access, and authentication is failing.
• You're troubleshooting login problems with support.

Security recommendation: Re-enable MFA as soon as the issue is resolved. Multi-factor authentication or SSO significantly increases your account security.

“I Can't Access Settings to Disable MFA”

If you're locked out and can't access the settings to disable MFA:

• Individual users: Ask your company's Admin or Owner to disable MFA for you.
• Admins and Owners: Contact our support team, and they can help you regain access and disable MFA.