Skip to main content

Multi-Factor Authentication (MFA) Setup

Multi-factor authentication adds an extra layer of security to your account by requiring a verification code in addition to your password.

MFA Settings

Why Use MFA?

MFA protects your account even if your password is compromised. With MFA enabled:

  • Unauthorized access is prevented without your physical device
  • Sensitive client documents remain secure
  • Your organization meets security compliance requirements

Setting Up MFA

Prerequisites

Before setting up MFA, you'll need:

  • A smartphone with an authenticator app installed
  • Recommended apps: Google Authenticator, Microsoft Authenticator, Authy, or 1Password

Step-by-Step Setup

  1. Navigate to MFA Setup

    • Click your profile menu in the top-right corner
    • Select Profile
    • Click Set Up MFA or navigate directly to /mfa-setup
  2. Scan the QR Code

    • Open your authenticator app
    • Tap the + button to add a new account
    • Scan the QR code displayed on screen
  3. Enter Verification Code

    • Your authenticator app will display a 6-digit code
    • Enter this code in the verification field
    • Click Verify
  4. Save Backup Codes (Recommended)

    • After verification, you'll see backup recovery codes
    • Save these codes in a secure location
    • Use them if you lose access to your authenticator app
  5. Confirmation

    • Once verified, MFA is active on your account
    • You'll need to enter a code each time you sign in

Organization MFA Requirements

Business & Enterprise

Organization-wide MFA enforcement is available on Business and Enterprise plans.

Your organization admin may require MFA for all users. If MFA is required:

  • You'll see a banner on the portal list page
  • You'll have a grace period (typically 7 days) to set up MFA
  • After the grace period, you must have MFA enabled to access portals

Signing In with MFA

Once MFA is enabled:

  1. Enter your email and password as usual
  2. When prompted, open your authenticator app
  3. Enter the current 6-digit code
  4. Click Verify to complete sign-in
tip

Codes refresh every 30 seconds. If your code is about to expire, wait for the next one.

Managing MFA

Disabling MFA

If your organization allows it, you can disable MFA:

  1. Go to Profile settings
  2. Find the MFA section
  3. Click Disable MFA
  4. Enter your current MFA code to confirm
caution

Disabling MFA is not recommended and may not be allowed if your organization requires it.

Changing Authenticator Apps

To switch to a different authenticator app:

  1. Disable MFA on your current setup
  2. Set up MFA again using the new authenticator app

Troubleshooting

Code Not Working

  • Ensure your device's time is set to automatic
  • Time sync issues are the most common cause of MFA failures
  • Try the next code if the current one is about to expire

Lost Access to Authenticator

If you've lost your phone or can't access your authenticator:

  1. Use one of your backup recovery codes
  2. Contact your organization admin to reset MFA
  3. Set up MFA again with a new device

Backup Codes

  • Each backup code can only be used once
  • Store them securely (password manager, printed copy in safe)
  • Generate new codes if you run low