In our latest release, we’ve added an extra layer of security to help keep your organization’s data safe! As an admin with Staff or Admin permissions to your organization's website, you'll now be required to set up Multi-Factor Authentication (MFA) when logging into your account. It’s a quick, required setup that adds an important layer of security, and once set up, your device will be remembered for 90 days.
Before You Begin
We recommend setting up MFA for the first time on your organization's website.
Before you begin setup, please double-check that you’ve updated your app to the latest version 41.0. Using an outdated version of the app will prevent you from logging in once this process has started.
For Android updates, click here.
For iPhone updates, click here.
Any user who has Admin or Staff permissions to their organization's website will see the following workflow. Other admin roles, general users, and team staff will not be required to enable it at this time, but will have the choice to implement it under their account settings. Should other users wish to implement MFA, it must be set up on their organizations website and cannot be setup in the app.
Setting Up Two-Factor Authentication
After entering an email and password for the account, a new screen will pop up prompting the user to set up two-factor authentication.
You can choose whether to set up text message or email verification. After choosing, you will be prompted to enter a phone number or email depending on your selection.
*Note that if choosing email, the email does NOT need to be the email associated with your account.
Once the information is entered, a 6-digit code will be sent and the screen will now display a box to enter the code.
Once the code is entered and verified successfully, a success message will appear on the screen. Now when logging in from a device we do not recognize, a code will be sent to the number or email on your account.
If the wrong code is entered, verification will fail and you will see an ‘invalid code’ error.
To make changes to your number, email or to remove devices from your account, navigate to account > settings. Here, you can update your phone number, set up a new authentication method, or remove saved devices from your account.
*Note that changes to your MFA settings can only be made on your organization's website and cannot be made in the app.
For other admin roles, general users, and team staff, MFA setup is optional, and can be enabled on your organization's website at any time for added security.
Please contact us at help@crossbar.org with any questions!