Multi-factor authentication (MFA) is a security process that requires users to verify their identity using more than one method before they can access an account. Instead of just relying on a password, MFA adds further layers of security by requiring additional confirmation before being granted access to the account. 


Enabling MFA

Multi-factor authentication can be enabled individually per user account, however, this can be set as a required feature through the environment default screen, under ‘Multi-factor authentication (MFA)' header. 

  • You can also enable SMS as an alternative option for MFA authentication, alongside email and Microsoft authenticator app. 


After setting up or enabling MFA on a user account for the first time, the next login attempt will prompt the user to establish an MFA link either through email, or Microsoft authenticator.

  • If SMS verification has been enabled through the environment defaults, there will be three multi-factor options upon the next login. 

Upon accessing iplicit, the selected MFA details for SMS or email will be listed on the user account. Authenticator app verification is single use, and therefore is not listed on the user account. 


Disabling MFA

Any established MFA links can be removed from a user account by selecting the three dots on the top of the account, and ‘Removing MFA’. 

There will be a prompt warning the removal of existing MFA links, along with trusted or saved devices. 

After removing existing MFA links, the same account status' will be retained, and new multi-factor will be required upon next log in (if required is enabled on the account).