To give you even more confidence that your account information is secure with us, we have added Multi-factor Authentication (MFA) to Novi. Multi-factor authentication means using two or more authentication factors to verify your identity. MFA adds a layer of protection to the sign-in process by requiring additional identity verification from admins and users.
MFA is available to both admin and user accounts.
Users will not be prompted until an association admin turns it on.
For admins it will automatically prompt at login.
Initial Setup
At first login, users will be prompted with the MFA setup screen. If MFA is not required for association admins (more info on that below), users will have the option of selecting Remind me Later. To set up MFA, click the Setup Now button.
Note: if the “keep me logged in for 14 days” feature has been enabled and you are within that 14-day window, you will not see the MFA prompt at login. Log out and log back in to activate it.
There are two authentication methods to choose from:
Authenticator App (Recommended and Default)
SMS/Text Message
Authenticator Apps are the most secure option. We suggest Google Authenticator, Authy or Microsoft Authenticator for your tablet or phone.
Under Setup Now, select either authentication method. It is possible to set up both options, and users can choose which method they prefer at each login. By default, it starts the setup instructions for the Authenticator app. Scroll down to the bottom of the page for the text message option.
Authenticator App Steps:
1. Download Authenticator App (if necessary)
2. Open the App and Scan the QR Code (or click to show MFA code)
   Step 2 shows an example QR code
3. Enter verification code, click "Verify Code & Activate."
SMS/Text Message Setup:
1. Enter phone number and click Send Verification Code.
2. Enter verification code, then click Verify Code & Login.
Here is an example of an account now set up with Multi-factor Authentication using a phone number. The option to set up the app is still available as well.
Admin User Setup and Management
Requiring Two-Factor for Admins or All Users:
Under the Association tab of your Association Settings, you will find a Security section that allows you to set Multi-Factor Authentication as Optional for all users, Optional for non-admin users & required for admins (default), or Required for all users:
Once set as required, admin users will be prompted to configure MFA at login. If they have both methods configured, they have the option of turning one method off, but one method must stay on.
Admins can view which admin users have MFA configured on their account in Admin Users, under the column labeled Two-Factor Auth.
Non-Admin User Setup
Non-Admin users can configure MFA from the Member Compass under the Login & Password tab, but will not be required to do so unless it is set to be required in Association Settings.
How to Reset Two-Factor for a User
If a user is locked out and needs their two-factor authentication reset, an admin can reset it by going to the Settings tab on the user's record and clicking the Reset Two-Factor Auth button. Additionally, an admin can reset their own two-factor authentication by going to the Settings tab and clicking the "Reset Two-Factor Auth" button.
An email will be sent with the instructions to reset.
Note: Limited Admins are unable to reset two-factor authentication.