Multi-Factor Authentication (MFA)

Multi-Factor Authentication (MFA) improves account security in that any login to a user account requires a one-time passcode in addition to the username and password. The one-time passcode (OTP) is required once every seven days for each device, and can be received by email, SMS message, or an app-based token. MFA is strongly recommended for all user accounts, and is required for manager and administrator roles.

Caution: MFA is required for manager-role user accounts. You cannot turn off MFA for these accounts.

Note: MFA applies only to Basic and not to Federated Authentication. MFA is required for Basic Authentication, and this topic describes how to set up and use MFA only for Basic Authentication. For Federated Authentication, single-sign on (SSO), or authentication by way of other applications, refer to the Authentication topic or the documentation for those other applications.