Multi-Factor Authentication (MFA)
Don't put your Byner account at risk and make use of multi-factor authentication (MFA), which is also known as two-factor authentication (2FA). This is an extra security layer added to the login process of portals that do not make use of single sign-on (SSO). Users with MFA enabled need to enter an additional security code besides their regular email and password. This security code is generated by an authenticator app on another device. In most cases this would be your smartphone. All MFA apps that support TOTP (Time-based One-Time Passwords) can be used.
As an admin you can enable 2FA for all permission profiles or only for specific ones. Alternatively, you can allow users to enable it themselves for their profiles if they think it's needed.
Select your portal role below to get all the relevant information you need about multi-factor authentication
If your portal is not set up with single sign-on (SSO), we strongly advise to roll out multi-factor authentication portal-wide in order to secure the accounts of your users as much as possible.
Go to
Settings > Users & rights > Permission Management to verify your permissions.Select the user profile for which you want to enable 2FA.
In the Users and permissions section, select the permission Require MFA on login.
Click the Save button at the bottom of the page to save the changes.
Now, all users with that profile will have to set up 2FA the next time they try to log in.
Follow the instructions below to reset the MFA of a user.
Go to
Settings > Users & rights > User Management.Search for the user who needs a MFA reset and click the account.
Click the Reset button in the Multi-Factor Authentication section. The user can now login again without having to use MFA.
Click the Save button.
Note
Only users with a permission profile that has the Require MFA on login permission enabled, will need to reconfigure their MFA upon their first login after the MFA reset. Users with a profile for which this permission is not enabled, will not be required to re-enroll for MFA. They can re-enroll manually though by going to their account page.
At what level do you want to disable MFA?
MFA can be disabled for a permission profile by following the steps below.
Note
Disabling MFA on a user profile level only makes sure that new users with this profile are no longer required to set up MFA upon their first login. However, MFA will not be deactivated for all users, who have this profile and already set up MFA before.
Go to
Settings > Users & rights > Permission Management.Select the user profile for which you want to disable 2FA.
In the Users and permissions section, deselect the permission Require MFA on login.
Click the Save button to save the changes.
In order to disable MFA for a specific user, MFA needs to be temporarily disabled for the user profile of that user. Follow the instructions below.
Go to
Settings > Users & rights > User Management.Search for the user whose MFA needs to be reset.
Click on the account and check the user profile.
Go to
Settings > Users & rights > Permission Management to verify your permissions.Select the user profile for which MFA temporarily needs to be disabled.
In the Users and permissions section, deselect the permission Require MFA on login and click the Save button at the bottom of the page.
Go back to
Settings > Users & rights > User Management and open the account of the user again.Click the Reset button in the Multi-Factor Authentication section. The status of the MFA will now turn to disabled.
Go back to
Settings > Users & rights > Permission Management.Select the user profile for which MFA was switched off.
In the Users and permissions section, reselect the permission Require MFA on login and click the Save button at the bottom of the page to save the changes.