Multi-factor authentication (MFA) is a security measure that enhances your organization's security by requiring your users to identify themselves with more than a username and password.
โ๏ธNOTE: MFA is not necessary for companies that restrict all logins to Single Sign-on (SSO) or other login methods.
This article is best for:
- Admins ๐ฉโ๐ป๐จ๐พโ๐ป
- Connect Accounts ๐ผ
Topics in this article:
What to consider when enabling MFA for your company
Users will need to install a third-party authenticator app on their personal or work smartphone, computer, or as a Chrome extension.ย
Once MFA is enabled, any users who have not enabled MFA will be locked out of Bonusly and require assistance from the Bonusly Support Team to log in again.ย
As a best practice, we recommend giving your company advanced notice including an announcement and timeline explaining when and why the security upgrade is taking place.
How to set up MFA for the entire company
Step 1: Go to your Bonusly admin settings by clicking on your user avatar in the top right corner of the home page followed by the Manage admin settings button.
Step 2: Select Account settings from the Company pages in the admin tools and scroll down to Security.
Step 3: Check the box next to Require users to use multi-factor authentication (MFA).
Step 4: Add a start date to enforce MFA at your company. Adding a start date allows you to provide a grace period for users to set up MFA before it becomes strictly enforced.
โ๏ธImportant: MFA will be enforced for all users after this date, and any user who has not enabled MFA will be locked out of their account.
Note: New users can still set up MFA when they join the account.
Step 5: Save your changes by clicking the Save Settings button.
That's it! ๐ The next steps are for all users (including admins!) to set up MFA for their own Bonusly accounts.
Here's a few helpful articles with easy-to-follow steps for setting up and using MFA!
โ๏ธImportant: Enabling MFA for your company will require all users to log in with MFA using a 6-digit code generated by a third-party app. Individual opt-out will not be available.
FAQs:
Will Bonusly remind users that MFA is going into place? No, all announcements and reminders will need to happen independently within the company.ย
What if a user is locked out after the cut-off date? Users will need to contact the Bonusly support team for assistance.
Why are users locked out after the cut-off date? In order to be an effective security measure, it cannot have an easy back door for users who missed the cut-off.ย
What if users do not have their phone handy, do not want to download an app, or don't have a smartphone? Users can add an MFA Chrome extension to their browser.
Why don't you offer verification via SMS? SMS verification is considered out of date as a security feature.
Questions? Send us a note to [email protected]; we'd be happy to help!
Was this article helpful? Let us know by rating it below with an emoji and sharing your feedback!