Enable Multi-Factor Authentication (MFA)


This guide explains how to enable Multi-Factor Authentication (MFA) for an entity in the Portal.

Applicable to

All Portal accounts


  • You must have an entity in the Portal
  • You must be an administrator in the Portal

How to

Multi-Factor Authentication (MFA) is a simple best practice that adds an extra layer of protection on top of your username and password. With MFA enabled, when a user signs in to the Portal, they will be prompted for their username and password (the first factor - what they know), as well as for an authentication code from the 2nd factor they have configured. Taken together, these multiple factors provide increased security for your account.


Enabling MFA on your entity will affect all your users, as well as any entities under your account. It will also make sure that any user accessing your entity must be MFA compliant.

Step 1

Log in to the Portal as an administrator, select the Administration section on the left, and then the Security tab at the top.




Step 2

In the Resource Access section, use the slider to Enable MFA for the entity.




Step 3

Select the MFA method(s) you want to make available.


Time-based one time password (TOTP)

A time-based one-time password (TOTP) is a temporary passcode generated by an algorithm that uses the current time of day as one of its authentication factors. It requires an authenticator app (ex: Google Authenticator).

Text Message (SMS)

A one-time code is sent by text message (SMS) to the user each time they log into your account to verify their identity.


An email containing a one-time passcode will be sent to your user's mailbox every time they sign into your account to validate their identity.


The next time any user in the entity logs in to the Portal, they will be forced to go through the MFA setup process.