In addition to regular authentication, Multi-Factor Authentication (MFA) can be used. This adds another factor to the authentication process. An additional authenticator app is required for this.
By default, this feature is optionally available to all users; users can activate MFA independently in their account settings. Alternatively, the setup of MFA can be mandatorily enforced by the organization's administrator.
When MFA is activated, only the login method via email address and account password is available. Other login methods (e.g., via QR code) are not offered in this case.
In the Web/Desktop Client
Activation by the user:
-
Open the account settings
-
In the Security section, select the "Multi-Factor Authentication" option and activate it
-
Enter your account password
-
Use the authenticator app and scan the QR code or enter the key
-
Enter the code displayed in your authenticator app
-
Securely save your backup codes
-
Complete the MFA setup
After setup, the use of the additional factor is immediately required for all subsequent logins.
Deactivating Multi-Factor Authentication is possible in the same section of the client.
Enforcing Multi-Factor Authentication (MFA) as an Administrator:
-
Open the organization settings
-
Open "Settings"
-
In the "Multi-Factor Authentication" section, select that usage must be mandatory
If the use of MFA is made mandatory by the administrator, users must use it and cannot deactivate it independently. Multi-Factor Authentication provides additional security for accessing individual user accounts.
If desired, mandatory usage can be applied to the entire organization by specification of the administrator.