Skip to content

Multi-Factor Authentication (MFA)

Requirements

  • Release >= v5.5
  • Access to the Settings app (exception: own settings can also be accessed in the portal and m2s app)

What is multi-factor authentication?

Multi-factor authentication (MFA) is a security method that requires two or more verification steps to confirm a user's identity. A common variant is two-factor authentication (2FA), in which, for example, a known password is combined with additional verification such as a code on the user's cell phone. Passkeys, a modern and particularly secure alternative, replace conventional passwords with cryptographic keys that are linked to a specific device - and thus offer a high level of protection in the context of MFA.

How do you set up MFA for a user?

  1. click on the "Administration " entry in the navigation menu
  2. click on the entry "User " in the submenu
  3. find the correct user

  4. click on "" and then on " Multi-factor authentication"

  5. alternatively, if you want to customize your own MFA settings, you can do this via the user settings at the top right ( -> " User settings")

You will now see a window with two sections - 2FA (two-factor authentication) and passkey authentication.

  • Two-factor authentication:

    • If you enable 2FA**, the respective user will be prompted to set up their two-factor authentication the next time they log in to m2v. They cannot log in without this setup.
    • If you deactivate 2FA, there are two possible scenarios, depending on whether the user has already set up their 2FA (both lead to the removal of the 2FA):
      • The user has already set up their 2FA - disabling the switch will remove the existing 2FA configuration. The user now only logs in with a user name and password.
      • The user has not yet set up their 2FA - when logging in, the user is no longer prompted to set up 2FA. Here too, login is only possible with a user name and password.

  • Passkey authentication:

    • If you click on "Request new passkey", the user will be prompted to set up passkey authentication the next time they log in.
    • If a passkey has already been requested but the user has not yet set up authentication, the option "Delete current passkey request" is available. By deleting the request, the user will no longer be prompted to set up a passkey the next time they log in.
    • After the user has set up one or more passkeys, these are listed below the two buttons. Individual keys can then be deleted.

How to set up 2FA at company level?

  1. click on the "Administration " entry in the navigation menu
  2. click on "Company " in the submenu
  3. find the correct company and click on or

Depending on whether you have activated or deactivated the option, one of the following scenarios will occur:

  • If you have 2FA enabled, any user who has not yet set up their 2FA will be prompted to do so the next time they log in.
  • If you have 2FA disabled, any user who has been prompted to set up 2FA but has not yet done so will not be prompted the next time they log in. All users who have already set up 2FA will keep their existing 2FA configuration.