What is MFA for Ninety?
Multi-factor Authentication (MFA) is an authentication method that requires you to provide two verification factors to gain access to Ninety. That means logging in with an email sends a verification code via text to enter into Ninety login.
Company Required MFA
An Owner*/Admin* can require all users accessing an account to use MFA. To do this, Visit Settings > Configuration and toggle Require MFA in the Security section.
Note: The user that turns this on is unaffected by the change until they log out of their current session. At the next login, the owner follows the MFA requirements.
Users in an account with Required MFA on
At the next login, they are presented with the enter phone number modal that doesn't allow them to access their account until a phone number is verified. Users then receive a text verification for all future logins each time they log in. Even if the user is in multiple companies, only one company requiring MFA requires the user to use it on each login.
Note: If you use social sign-in, you aren't prompted for MFA because it is already considered an MFA login.
User Activated MFA
If a company does not want to require MFA, a user can still turn it on for personal use.
To activate MFA,
Visit Account Details in the My Account section.
Toggle on Enable MFA and verify the phone number. On the next login, use text verification to access the account.