Setting up MFA in User Profiles
Users are able to set up their MFA methods by going into their user profile. This can be accessed by clicking on the Organization Name (top right corner) -> User Profile -> Multi-Factor Methods. Any MFA method that has been enabled by an admin will be available for users to set up here. There are multiple different MFA methods that can be set up, depending on what your administrator has enabled. If you have multiple MFA methods enabled, you are able to choose which method you want to use to authenticate your account.
Recovery Keys can be used both as a MFA method, but also as a backup in the event you lose access to your account and cannot log in with another factor of authentication. If you generate a new set of recovery keys before using all your old keys, the old recovery keys will be disabled. It's important to generate a new set of recovery codes when all recovery codes have been used, as each code can only be used once and if a new set of codes aren't generated, users will need to get assistance from their admin.
WebAuthn requires either an external USB drive with a code or if the device supports its then biometric data, such as fingerprints can be set up. To set this up, users will need to follow the instructions on screen in their User Profile.
Security Questions can be used as a MFA method, and you can either set up an answer with one of the pre-defined questions generated by Teamstack or they can create their own question and answer.
SMS Authentication can be used as a MFA method by sending an SMS to the users phone number that the user will need to use to authenticate their account. For this MFA method, there is an additional charge applied for each SMS that is sent out to a user.
One Time Passwords (OTP)
To enable One Time Passwords as a MFA, users will need to download a compatible application (such as Google Authenticator) that can be used to generate a OTP code. When users are logging in they will need to access their OTP application and enter the OTP code displayed to authenticate their account.