Set Up Multifactor Authentication in Vault
Last updated
Last updated
Multi-factor authentication (MFA) is a powerful, secure authentication method with two steps (or factors) to prove users’ identities when they log in. The first factor is information known to users, like usernames and passwords. The second is a verification method the user has in their possession, like an authenticator app or a security key. So multi-factor authorization makes it a lot harder for fraudsters to get access to your Vault data.
As an administrator of your account, you can enable multi-factor authentication (MFA) for every account member (global level) or at the user level.
Enabling MFA in your account at a global level affects all members of the account. This means that the users must enroll for MFA at their next login.
Points to Note:
Enabling MFA does not affect users already logged in, as the enforcement of MFA on the account takes effect only at new logins.
Enabling MFA will mandate users to register their mobile devices for generating and validating tokens using authenticator apps like Google Authenticator or Salesforce Authenticator app.
In the Vault application, go to Manage Users > Users
.
Enable multi-factor authentication (MFA) for every member in the account using the MFA toggle
button located in the header or, look for the user from the list and enable the MFA by sliding the MFA toggle
button to the right side.
You can reach out to your administrator to reset your MFA, if you have lost your phone or changed your device.
The administrator will reset MFA from the Manage Users > Users
screen.
Click on the Reset
icon (next to where the MFA toggle button is displayed).
This will enable the user to register his device again with a new bar code on the authenticator app when he tries to log in.