Multi-factor authentication (MFA) adds a layer of protection to the sign-in process. When turned on, to access the platform a user must provide additional identity verification.

Only the Master Admin user role can enable MFA. MFA is enabled at the account level, meaning it is turned on for all users in the account, including for the Master Admin who enabled it. 

MFA can be configured using the following factors: trusted IPs and TOTP.

Trusted IPs protect against unauthorized sign-ins by restricting user access to a defined set of IP addresses. 

Time-based one-time password (TOTP) requires users to enter a code generated by an authenticator app to sign in. 

For best security, we recommend enabling both trusted IPs and TOTP.

If both factors are enabled, we prioritize trusted IPs:

  • Trusted IPs enabled: A user can sign in only from within a trusted IP address range. 
  • Enable TOTP is enabled: A user can sign in only by entering a code generated by an authenticator app.
  • Trusted IPs and TOTP are enabled: A user can sign in without a code if they are within the IP range. A user must enter the TOTP code if they are outside the IP range. 


To configure MFA:

1. In the lower-left corner, select your account profile > Account info.

2. Go to Security > MFA.

3. Enable trusted IPs and/or TOTP. (See below for details.)

4. Turn on the Enable MFA toggle.

5. Enter your password and select Confirm.

6. Select Save.

Note: To save certain settings, the Master Admin must also enter the TOTP code if TOTP has been enabled. If trusted IPs is also turned on but the Master Admin is signed in from a trusted IP, the admin will not be asked for a code. 


Trusted IPs factor

1. Point to Trusted IPs and click the gear icon.

2. Turn on the Enable trusted IPs toggle.

3. Enter the start and end IP addresses of the necessary ranges.

Note: If you want to allow logins from a single IP address, enter the same address in both fields.

4. Enter your password and select Confirm.

5. Select Save.

6. Turn on the Enable MFA toggle, if it is not already enabled.


TOTP factor

1. Point to TOTP and click the gear icon.

2. Turn on the Enable sign in with TOTP toggle.

3. Click Save.

4. Enter your password and select Confirm.

5. Turn on the Enable MFA toggle, if it is not already enabled.

After you both TOTP and MFA, on the next sign in each user will be prompted to set up TOTP using an authenticator app. 

To keep track of which users have set up TOTP, go to account profile > Account info > Users and check the status column.