Skip to main content
All CollectionsGetting started with Procurify
Multi-Factor authentication(MFA) Overview
Multi-Factor authentication(MFA) Overview
Updated over 2 months ago

What is MFA

Multi-Factor Authentication (MFA) is a security method that enhances user identity verification beyond the traditional username and password combination.

Why is it important

  • MFA significantly reduces the risk of successful cyber attacks. Unlike just relying on a username and password, MFA adds an extra layer of security.

  • Usernames and passwords can be vulnerable to attacks or theft by third parties.

Why is Procurify implementing MFA

Our Multi-factor Authentication (MFA) feature enhances account security by requiring users to provide multiple forms of verification before accessing their accounts. This feature, integrated with Auth0, adds a critical layer of security beyond traditional password authentication.

Key Components:

  1. Authentication Methods: Users authenticate using both their usual login credentials and a one-time password (OTP) generated by an authentication app such as Google Authenticator, Microsoft Authenticator, or Auth0 Guardian.

  2. Implementation Scope:

    • Web Application: The MFA feature is currently available through our web application, ensuring enhanced security for web-based logins.

    • Domain-wide Setting: The setting is across the entire domain, ensuring uniform security protocols for all users within your domain without individual exceptions.

How to enable Multi-Factor Authentication (MFA) on your Domain

Steps:

You must have access to the ‘Manage Access’ section in Procurify to complete the setup.

  1. Navigate to Settings -> Security and Authentication: MFA

  2. Click on ‘Enforce MFA’

Please note that all users must enroll in the MFA authentication workflow. This is a domain-wide setting and can not be customized for individual users.

Downloading an Authenticator app will be required for all users accessing the domain once MFA is enabled.

We recommend the following Authenticator apps:

How to reset MFA for a User

Resetting MFA enrolment for a specific user if they are unable to access their one-time-passkey or their recovery code.

Steps:

You must have access to ‘Manage Users’ in Procurify and know the user details of the user you want to reset MFA for.

  1. Navigate to Settings -> Manage Users

  2. Navigate to the user you want to reset MFA for

  3. On the ‘User Details’ page, click on ‘Reset multi-factor-authentication’ and confirm the reset

How to Disable MFA

Steps:

  1. Navigate to settings.

  2. Select Security and Authentication: MFA.

  3. Click on Deactivate MFA.​


FAQ:

Q: Does MFA work in combination with SSO?
A: Yes, it does work in combination with SSO. If you are using SSO, we also recommend to check if your provider offers MFA. This way all your authentication settings are handled by one provider.

Did this answer your question?