What is MFA for Ninety?
Multi-factor Authentication (MFA) is an authentication method that requires the user to provide two verification factors to gain access to Ninety. That means logging in with an email will send the user a verification code via text to enter into Ninety login.
Company Required MFA
An Owner/Admin can require all users accessing an account to use MFA. To do this, Visit Settings > Configuration and toggle "Require MFA" in the Security section.
Note: The user that turns this on will be unaffected by the change until they log out of their current session. At the next login, the owner will follow the same MFA flow as their other users.
Users in an account with Required MFA on
At the next login, they will be presented with the enter phone number modal that will not allow them to access their account until a phone number is verified.
Users will then receive a text verification for all future logins each time they log in.
It will not prompt if the user uses social sign-in — their social login is considered their multi-factor login.
Even if the user is in multiple accounts, only one company requiring MFA will require the user to use it on each login.
User Activated MFA
If a company does not want to require MFA, a user can still turn it on for personal use.
To activate MFA, visit Account Details in the My Account section. Toggle on "Enable MFA" and verify the phone number. On the next login, use text verification to access the account.