Skip to main content

Multi-factor Authentication

How to enable and set up Multi-factor Authentication (MFA) for association admins and members.

Jaime Morgan, CAE avatar
Written by Jaime Morgan, CAE
Updated yesterday

To have even more confidence that your account information is secure, we recommend requiring Multi-Factor Authentication (MFA) for your admins in Novi.

Multi-factor authentication is when you use two or more authentication factors to verify your identity. Having MFA adds a layer of protection to the sign-in process for admins and users to provide additional identity verification.

MFA is available to both admins and members/non-members with user accounts.

  • For admins, it will automatically prompt at login.

  • Members and non-members will not be prompted unless an association admin turns it on.

In This Article:

Admin User Setup and Management

Requiring Two-Factor for Admins or All Users:

Under the Association tab of your Association Settings, you will find a Security section that allows you to require Multi-Factor Authentication as:

  • Optional for all users

  • Optional for non-admin users & required for admins (Recommended & is default)

  • Required for all users

We highly recommend "Optional for non-admin users & required for admins" as an additional security layer to protect your member data.

Once set as required, admin users will be prompted to configure MFA at login. If they have both methods configured, they have the option of turning one method off, but one method must stay on.

Admins can view which admin users have MFA configured on their account in Admin Users, under the column labeled Two-Factor Auth.

Initial Setup

There are two ways to set up MFA.

  1. Users can set up or manage their MFA at any time, from their Member Compass.

  2. At login, depending on your setting above, users will be prompted with the MFA setup screen. If not required, users will have the option of selecting Remind me Later. To setup, click the Setup Now button.

Member Compass Setup

Users can configure MFA from the Member Compass under the Login & Password tab, but will not be required to do so unless it is set to be required in Association Settings.

Login Setup


​There are two authentication methods to choose from:

  • Authenticator App (Recommended and Default)

  • SMS/Text Message

Authenticator Apps are the most secure option. You can use any authenticator app you like. If you don't already have one, we suggest Google Authenticator, Authy, or Microsoft Authenticator for your tablet or phone.

Under Setup Now, select either authentication method. It is possible to set up both options, and users can choose which method they prefer at each login. By default, it starts the setup instructions for the Authenticator app. Scroll down to the bottom of the page for the text message option.

Authenticator App Steps:

  1. Download an Authenticator App of your choice (if you don't already have one)

  2. Open the App and Scan the QR Code (or click to show MFA code to add it manually)

  3. Enter the verification code provided by your app, click "Verify Code & Activate."

SMS/Text Message Setup:

  1. Enter phone number and click Send Verification Code.

  2. Enter verification code, then click Verify Code & Login.

Here is an example of an account now set up with Multi-factor Authentication using a phone number. The option to setup the app is still available as well.

How to Reset Two-Factor for a User

If a user is locked out and needs their two-factor authentication reset, another admin can reset this by going to the Settings tab on their record and clicking the Reset Two-Factor Auth button. Additionally, an admin can reset their own two-factor authentication through the Settings tab and clicking the "Reset Two-Factor Auth" button.

An email will be sent with the instructions to reset.

Note: Limited Admins are unable reset two-factor authentication.

Related Articles:

Did this answer your question?