/
Multi Factor Authetication (MFA)

Multi Factor Authetication (MFA)

Owned by Lane Kealey
Feb 03, 2025
4 min read

Summary

Why?

Recommended Customer Action

Summary

Why?

Recommended Customer Action

Multi-Factor Authentication is now an available add-on

Adding Multi-Factor Authentication provides an extra layer of security, ensuring that the person logging into the company’s Rethink account is authorized.

To learn more about this feature and add it to your Rethink account, reach out to your Account Manager.

Step

Description

Good To Know

Step

Description

Good To Know

Enable MFA at account level

Jrich Settings

(Internal Only)

To add the MFA functionality to a customer account, the Jrich setting “Security Settings’ must be enabled.

 

Security Settings toggle.png

 

  • Enabling Security Settings will result in the MFA setting displaying in the customers. company account.

  • Customers will need to take action on the MFA setting to enable the functionality.

Manage Security Settings

Go to Settings>Security settings

Select Multi Factor Authorization setting

Security Settings-MFA.png

 

  • Users must have permission to View/Edit company account.

 

 

 

 

 

 

Define MFA Policy

In MFA settings, choose one of three policies: never, adaptive, or always

1. Never: If the policy is set to never, then users will receive no MFA requests

2. Adaptive: If the policy is set to adaptive, then users will receive an MFA request when signing in on a new browser on a pc, or when signing onto a new mobile device

3: Always: If the policy is set to always, then users will always receive an MFA request upon sign-in attempt

 

 

  • The toggle next to the MFA setting will display as “on” once a policy other than “never” has been set

  • Any setting selected will be applied account wide for all staff.

  • Selecting all options will provide staff with more options to make their preferred choice for how they verify their account.

 

Select MFA Factors

There are three MFA options available to select:


1. Email-system sends a verification code to the user’s email address

  1. SMS-system sends a text or sms message to the user’s phone number with the verification code

  2. Voice Call- sends a call to the user’s phone number containing the verification code

 

 

 

 

 

 

Staff Login MFA Request

If the MFA policy is set to any option other than "never," users will be prompted to choose an MFA factor to receive the verification code whenever a sign-in triggers the MFA policy.

 

  • Only MFA Factors selected in security settings will be visible

  • if only one MFA factor is selected in settings, then this message will be skipped and the code will be sent to the MFA factor chosen in settings

  • Email addresses and phone numbers are displayed based on what is entered in the staff profile.

  • If no phone number is set for a user, then when they sign in the MFA will prompt them to set a new one

  • If user is in offline mode, we will not be able to send the user a verification code and the user will be unable to sign in while offline if the MFA policy which was in use the last time the user was online is triggered. The user will still be able to sign in next time they are online(internal only).

  • If there was no MFA policy the last time the user was online and one has since been added, then a user in offline mode will be allowed to sign in without the MFA triggering(internal only).

Verification Code

Upon selecting a factor, the user will be sent to a screen where they must input the verification code sent to their chosen factor


Upon entering the correct code and clicking login, the user will be signed in.

  • The verification code is only valid for 10 minutes after being sent.

  • Staff may request a new code if needed.