Multi-factor Authentication (MFA) is an authentication method that requires you to provide two verification factors to gain access to Ninety. That means logging in with an email sends a verification code via text to enter into Ninety login.

Company Required MFA

An Owner*/Admin* can require all users accessing an account to use MFA. To do this, Visit Settings > Configuration and toggle Require MFA in the Security section.

Note: The user that turns this on is unaffected by the change until they log out of their current session. At the next login, the owner follows the MFA requirements.

At the next login, they are presented with the enter phone number modal that doesn't allow them to access their account until a phone number is verified. Users then receive a text verification for all future logins each time they log in. Even if the user is in multiple companies, only one company requiring MFA requires the user to use it on each login.

Note: If you use social sign-in, you aren't prompted for MFA because it is already considered an MFA login.

If a company does not want to require MFA, a user can still turn it on for personal use.

To activate MFA,