Enabling Two-Factor Authentication for Members

In this Article

About Two-Factor Authentication

Turn on Two-Factor Authentication

What Members Can Expect on the Mobile App

Troubleshooting

About Two-Factor Authentication

Two-factor authentication adds an extra layer of security for your members and helps prevent unauthorized access to their accounts. Once enabled, members will be asked to register the device(s) they use to access the directory—either through the Mobile App or the Member Website.

When signing in on a new device (like a new phone or a different computer), members will receive an email with a 6-digit code to confirm their identity before gaining access.

Note: Enabling 2FA will apply this requirement to all active members who choose to create and use a login.


Do I Still Need to Enable This If We’re Using Secure Sign-In Links?

Great question! If your members are primarily using secure sign-in links, then two-factor authentication does not apply to them. 2FA only applies to members who manually sign in with an email and password.


✅ That said, enabling 2FA won’t hurt — it adds protection for the small number of members who might still choose to log in with a password. It’s perfectly fine to leave it on, even if most of your members are using secure sign-in links.


No extra steps are required — but it’s always okay to keep the extra layer of security turned on.

Turn on Two-Factor Authentication

To enable two-factor authentication, follow these steps:

  1. Go to the Member App tab.
  2. Make sure Member App Access is enabled. (If not, enable it first.)
  3. Once enabled, you’ll see the option for Two-Factor Authentication — it will default to Disabled.
  4. Switch this setting to Enabled if you want 2FA turned on for all members.


What Members Can Expect

Once 2FA is turned on, here’s what members will experience when signing in:

  • When a member taps Sign In on the Mobile App or Member Website, we’ll check if the device has been previously registered.
  • If it has been registered, the sign-in completes normally.
  • If it has not been registered, we’ll send a two-factor authentication email with a 6-digit code.
  • The member will enter that code on a screen we display. Once entered, the sign-in completes—and the device will be registered for future use.

🔍 Important:

The system registers the device used to sign in, not the one used to enter the code.

For example, if someone signs in on their phone but enters the code on a laptop, we register the phone.

Example of email with verification code.
Enter your verification code from your email and click verify.

Note: We currently do not offer 2FA via text message.

Troubleshooting


If a member belongs to multiple directories and only one of them has 2FA enabled, they will be prompted to enter a code.

We prioritize the most secure directory (i.e., the one with 2FA turned on) to determine whether authentication is required.

If you see one of these errors:

    • “MFA Code Not Found”
    • “MFA Code Has Expired”

Ask the member to start the sign-in process again to receive a fresh code via email.

Still need help? Contact Us Contact Us