Multi-factor Authentication

Multi-factor Authentication (MFA) provides an essential additional layer of security by requiring users to verify their identity using multiple verification methods. Configure MFA settings to protect your ActionAtlas environment from unauthorized access.

Accessing MFA Settings

To configure MFA settings for your ActionAtlas tenant:

  1. Log in to your ActionAtlas account with administrator privileges
  2. Navigate to the Admin Console from the main dashboard
  3. Select Security from the left navigation menu
  4. Click on Multi-factor Authentication

Note: ActionAtlas uses Auth0 as the authentication provider for handling MFA operations. The settings you configure are securely managed through this enterprise-grade identity platform.

Supported Authentication Methods

ActionAtlas supports several authentication methods to accommodate different security needs and user preferences:

Authenticator Apps

Time-based one-time passwords (TOTP) generated by mobile apps:

  • Google Authenticator
  • Microsoft Authenticator
  • Authy
  • LastPass Authenticator

This method doesn't require internet or cellular service to generate codes, making it highly reliable.

SMS Verification

One-time codes sent directly to the user's mobile phone:

  • Familiar to most users
  • Easy to set up and use
  • Works with any mobile phone
  • Automatic code delivery

While convenient, SMS is less secure than authenticator apps due to potential SIM swapping vulnerabilities.

Email Verification

One-time codes sent to the user's verified email address:

  • No mobile device required
  • Works across multiple devices
  • Easily accessible in work environments
  • Familiar verification method

Email verification provides a good backup option when mobile devices aren't available.

Security Keys (Enterprise Plans)

FIDO2/WebAuthn compatible hardware devices:

  • YubiKey
  • Google Titan Security Key
  • Feitian Security Keys
  • Biometric authentication devices

Hardware security keys offer the highest level of protection against phishing and account takeover attempts.

Requiring MFA for All Users

Administrators can enforce MFA for all users in their ActionAtlas environment:

How to Enable Required MFA:
  1. Navigate to the Multi-factor Authentication settings page
  2. Locate the "Require Two-Factor Authentication for All Users" toggle
  3. Switch the toggle to the "On" position
  4. Save your changes

Once enabled, users who haven't set up MFA will be prompted to configure it during their next login attempt.

Important: Before enabling MFA for all users, ensure your team is prepared for this change. Consider sending an announcement and providing guidance on setting up MFA to minimize disruption.

Resetting User MFA Settings

Administrators can reset MFA settings for users who have lost access to their authentication device or need to reconfigure their verification methods:

How to Reset MFA for a User:
  1. Navigate to the Users section in the Admin Console
  2. Search for and select the user who needs an MFA reset
  3. Click on the Security tab of their profile
  4. Select Reset Multi-factor Authentication
  5. Confirm the action in the dialog box

The user will need to set up MFA again during their next login attempt.

Common Reasons for MFA Resets:
  • User has lost or replaced their mobile device
  • User has uninstalled their authenticator app
  • User has changed their phone number (for SMS verification)
  • User is unable to receive verification codes
  • User has locked themselves out of their account

Note: For security reasons, users cannot reset their own MFA settings. Only administrators can perform this action.
