Last updated
Last updated
Enabling Multi-Factor Authentication (MFA) is an important security measure that SaaS companies can implement to protect their users' accounts from unauthorized access. MFA adds an extra layer of security by requiring users to provide a second form of identification, in addition to their username and password, before accessing their account. It is required to have MFA enabled for all accounts.
First-Time MFA Enablements: Once MFA is enabled on an account, you will be prompted to verify your email address once you successfully submit your login credentials. You have 7 days to verify your email address.
MFA Grace Period (Days) = # of days client users can access the account after MFA is marked active.
By default, the grace period is set for 7 days.
MFA Expiration (Days) = # of days an individual client account will be verified before going back through the MFA process.
By default, the MFA Expiration days are set to 30.
You will choose one of the following:
"Verify My Email Address," which sends a one-time MFA passcode to your email.
"I don't have access to the email address I use to log in." which will allow you to proceed to the dashboard to log in within the allotted grace period time (by default - 7 days).
If you are unable to access the email address, the following will need to take place:
Submit a support ticket to our support team and provide us with a new email address.
A Satisfi Labs Admin will navigate to your account to change the email address on your behalf. From there - you will be able to verify upon the next login.
Once MFA is enabled and the grace period is passed:
Client users must go through MFA verification upon initial login & on a recurring basis from a configurable setting in each account.
By default, users will need to verify once every 30 days. This can be changed to a more frequent basis upon request, including on each login.
If a user loses access to their email, they will be prompted to submit a support ticket to our team and have their login email adjusted.
Users will have up to 5 attempts once the MFA code is sent to enter their passcode correctly. After the 5th attempt, their account will be locked. Users with locked accounts will be prompted to ask an administrator for assistance.
The MFA is specific to each client account + unique device. Logging in on incognito, phone, new device, etc, will result in verification needing to be resent.
Satisfi Administrators will adhere to the client account settings. For example, if a client account is set to an MFA expiration of daily due to their company's policies, Satisfi Administrators will also go through the verification each day when reviewing the client account.
