Setting Up Multifactor Authentication in Vault
What is Multi-Factor Authentication?
Multi-Factor Authentication (MFA) is a security mechanism that requires two forms of identity verification before granting access:
First factor: User credentials such as a username and password.
Second factor: A one-time verification code generated by an authenticator app or provided via a security device.
Enforcing MFA significantly reduces the risk of unauthorized access to your Vault data by requiring something the user knows and something the user has.
Enabling MFA for Your Vault Account
Vault administrators can enable MFA either globally for all users or individually per user.
Global MFA Enforcement
Log in to your Vault account.
Navigate to Manage Users > Users.
Toggle the MFA switch in the header to enable MFA for all users in the account.
Per-User MFA Enforcement
Navigate to Manage Users > Users.
Find the specific user in the list.
Enable MFA by sliding the MFA toggle to the right for that user.

Reset MFA
If a user loses their device or switches to a new phone, they must contact an administrator to reset their MFA setup.
Admin Steps to Reset MFA:
Go to Manage Users > Users.
Locate the user and click the Reset icon next to the MFA toggle.

On the user's next login, they will be prompted to scan a new QR code to register their authenticator app.
Last updated
Was this helpful?