Multi-factor authentication (MFA) adds a layer of protection to the sign-in process. When turned on, to access the PMC a user must provide additional identity verification.
Partner or MSP Partner users can enable MFA for their accounts, which turns on MFA for all subusers in the account. Partners or MSP Partners cannot enable MFA for partner or customer subaccounts.
MFA can be configured using the following factors: trusted IPs and TOTP.
Trusted IPs protect against unauthorized sign-ins by restricting user access to a defined set of IP addresses.
Time-based one-time password (TOTP) requires users to enter a code generated by an authenticator app to sign in.
For best security, we recommend enabling both trusted IPs and TOTP.
If both factors are enabled, we prioritize trusted IPs:
- Trusted IPs enabled: A user can sign in only from within a trusted IP address range.
- Enable TOTP is enabled: A user can sign in only by entering a code generated by an authenticator app.
- Trusted IPs and TOTP are enabled: A user can sign in without a code if they are within the IP range. A user must enter the TOTP code if they are outside the IP range.
To configure MFA:
- In the lower-left corner, click the account profile icon > Account info.
- Select the Security tab and then MFA.
- Enable trusted IPs and/or TOTP. (See below for details.)
- Turn on the Enable MFA toggle.
- Enter your password and select Confirm.
- Select Save.
Note: To save certain settings, the Partner or MSP Partner must also enter the TOTP code if TOTP has been enabled. If trusted IPs is also turned on but the Partner or MSP Partner is signed in from a trusted IP, they will not be asked for a code.
Trusted IPs factor
- To the left of the Trusted IPs option, select the gear icon.
- Turn on the Enable trusted IPs toggle.
- Enter the start and end IP addresses of the necessary ranges. If you want to allow logins from a single IP address, enter the same address in both fields.
Important: Make sure to use external IP addresses. We recommend you contact your IT department so they can provide you with the correct ranges. - Enter your password and select Confirm.
- Select Save.
TOTP factor
- To the left of the TOTP option, select the gear icon.
- Turn on the Enable sign in with TOTP toggle.
- Enter your password and select Confirm.
- Select Save.
After you enable TOTP and enable MFA, on the next sign in each user will be prompted to set up TOTP using an authenticator app.