Enable Two-Factor Authentication (2FA)

Single-factor authentication where a user supplies a username and password is the standard validation method. However, it is only one security level. To minimize the risk of data breaches, malware, and other forms of cyberattacks, enable two-factor authentication (2FA).

In addition to using a username and password to log in, 2FA further secures your account by requesting an additional verification code generated by an authenticator application (for example, Google Authenticator).

This article describes the steps you need to perform in a third-party product. The process and changes in the user interface in third-party products are subject to change beyond our control, and Emplifi therefore accepts no liability associated with them.

Types of two-factor authentication

You can choose from the following types of two-factor authentication (2FA):

• Opt-in 2FA
  The 2FA option is readily available for each user in an Emplifi account.
  By default, 2FA is disabled for individual users, and each user can enable and disable it for themselves as they need. Having 2FA enabled is not forced.

• Mandatory 2FA
  2FA is turned on for a whole Emplifi account. Once 2FA is on, all currently logged-in users are automatically logged out from the account. When they log back in, they are required to enable 2FA for themselves and pair it with an authenticator application, or they will not be able to proceed.
  The users cannot disable 2FA for themselves; it is enabled or disabled at the account level.
  Mandatory 2FA is enabled by Emplifi Support per request.

Opt-in two-factor authentication

By default, opt-in two-factor authentication (2FA) is disabled, and you can enable and disable it for yourself (your Emplifi user) as you need.

Enable opt-in 2FA for your Emplifi user

To be able to enable 2FA, you will need to install an authenticator application on your mobile device.

In this article, Google Authenticator is used as an example of the authenticator application that you can use. However, you can choose a different authenticator application (for example, Duo Mobile or Authy). Your choice of the authenticator application may depend on the operating system of your mobile device, security policies of your company, and so on. If your company already uses some multi-factor authentication applications like Okta Verify or Microsoft Authenticator, you can use these applications for setting up 2FA with Emplifi.

Steps:

1. Install Google Authenticator on your mobile device.

2. Log in to your Emplifi account, and go to Settings -> Personal settings.
   Your user account settings appear.

   

3. Click the Security tab, and toggle the switch next to the Two-Factor Authentication option to ON.

   

   A pop-up dialog with the QR code and the activation code opens.

4. Open Google Authenticator on your mobile device, and tap the plus button at the bottom right.

5. Choose one of the following options:

   • Scan a QR code
     Scan the QR code displayed on the pop-up dialog.
     The Emplifi account is added to Google Authenticator. The verification code is generated.

   • Enter a setup key
     Enter Emplifi as the account name, enter the activation code from the pop-up dialog, and tap Add.
     The Emplifi account is added to Google Authenticator. The verification code is generated.

6. Go back to the Emplifi account, and click Next Step on the pop-up dialog.
   You are asked to enter the code from Google Authenticator.

7. Enter the code generated by Google Authenticator, and click Enable.
   The pop-up dialog closes. 2FA is now enabled for your Emplifi user.

   

From now on, each time you log in to the Emplifi account, you will be asked to provide an authenticator code.

Disable opt-in 2FA for your Emplifi user

You can disable opt-in 2FA for yourself as you need. However, we strongly recommend that you keep 2FA enabled to protect your Emplifi user from data breaches, malware, and other forms of cyberattacks.

You can disable 2FA for yourself only if this is opt-in 2FA. If mandatory 2FA is enabled for the whole Emplifi account, you cannot disable it for yourself.

Steps:

1. Log in to your Emplifi account, and go to Settings -> Personal settings.
   Your user account settings appear.

   

2. Click the Security tab, and toggle the switch next to the Two-Factor Authentication option to OFF.

   

   You are asked to confirm whether you want to disable 2FA.

3. Click Turn it off to confirm it.
   2AF is disabled for your Emplifi user.

You can now delete the Emplifi account from your Google Authenticator.

Mandatory two-factor authentication

Mandatory two-factor authentication (2FA) is enabled for a whole Emplifi account. You cannot enable or disable mandatory 2FA for your individual Emplifi user; it is enabled or disabled at the account level.

Enable mandatory 2FA in your Emplifi account

Contact Emplifi Support, and ask them to enable mandatory 2FA in your Emplifi account. Alternatively, you can ask your Customer Success Manager to request it on your behalf.

To be able to request mandatory 2FA to be enabled, you must be an Account Admin (see Account Roles).

Once Emplifi Support turns 2FA on, all currently logged-in users are automatically logged out. When they log back in to the account, they are required to enable 2FA for themselves and pair it with an authenticator application, or they will not be able to proceed.

Disable mandatory 2FA in your Emplifi account

Contact Emplifi Support, and ask them to disable mandatory 2FA in your Emplifi account. Alternatively, you can ask your Customer Success Manager to request it on your behalf.

To be able to request mandatory 2FA to be disabled, you must be an Account Admin (see Account Roles).

Transfer your 2FA to a different mobile device

When you get a new mobile device, transfer your 2FA from your current device to the new one.

To be able to transfer your 2FA, you will need to install an authenticator application on your new mobile device.

In this article, Google Authenticator is used as an example of the authenticator application that you can use. However, you can choose a different authenticator application (for example, Duo Mobile or Authy). Your choice of the authenticator application may depend on the operating system of your mobile device, security policies of your company, and so on. If your company already uses some multi-factor authentication applications like Okta Verify or Microsoft Authenticator, you can use these applications for setting up 2FA with Emplifi.

Steps:

1. Install Google Authenticator on your new mobile device.

2. Log in to your Emplifi account, and go to Settings -> Personal settings.
   Your user account settings appear.

   

3. Click the Security tab, and click Add new app.

   

   A pop-up dialog with the QR code and the activation code opens.

4. Open Google Authenticator on your new mobile device, and tap the plus button at the bottom right.

5. Choose one of the following options:

   • Scan a QR code
     Scan the QR code displayed on the pop-up dialog.
     The Emplifi account is added to Google Authenticator. The verification code is generated.

   • Enter a setup key
     Enter Emplifi as the account name, enter the activation code from the pop-up dialog, and tap Add.
     The Emplifi account is added to Google Authenticator. The verification code is generated.

6. Go back to the Emplifi account, and click Next Step on the pop-up dialog.
   You are asked to enter the code from Google Authenticator.

7. Enter the code generated by Google Authenticator on your new mobile device, and click Enable.
   The pop-up dialog closes. 2FA is now transferred to your new mobile device. 2FA on your old mobile device is no longer valid, and its codes will not be accepted by the Emplifi platform.

FAQ

Do you offer any 2FA methods other than using an authenticator application (for example, by SMS)?
No, we do not offer any other 2FA methods.

Can I use any authenticator application other than Google Authenticator?
Yes, you can use a different application, for example, Duo Mobile or Authy. Your choice of the authenticator application may depend on the operating system of your mobile device, security policies of your company, and so on. If your company already uses some multi-factor authentication applications like Okta Verify or Microsoft Authenticator, you can use these applications for setting up 2FA with Emplifi.

I lost access to my authenticator application and cannot get the verification code. I cannot log in to the Emplifi account. What should I do?
Contact Emplifi Support at support@emplifi.io.