MFA verification

Scope

This document defines the Multi-Factor Authentication (MFA) verification flow for Members in a Business Organization.

MFA verification occurs after successful email and password authentication, when required by organization security policies.

Members cannot configure, enable, or disable MFA methods.


I am new. Where should I start?

If you are a Member, MFA verification may appear during sign-in.

You only need to:

  • Follow the on-screen verification instructions

  • Use the MFA method required by your organization

No prior configuration is needed unless instructed by your administrator.


Purpose

This guide helps Members understand:

  • When MFA verification is required

  • What MFA verification methods may be used

  • How to complete MFA verification successfully


Prerequisites

Before completing MFA verification:

  • You have already signed in with email and password

  • MFA is enabled or enforced by your organization

  • You have access to the required verification method


I already understand. How do I proceed step by step?


1. When MFA Verification Is Triggered

MFA verification is required when:

  • Mandatory MFA is enforced by the organization

  • Risk-based access control detects unusual behavior

  • You sign in from a new device, location, or network


2. MFA Verification Methods

The verification method is automatically selected based on organization policy.


Option A: Authenticator App (TOTP)

Step 1: Select Authenticator as the verification method.

Step 2: Open your authenticator app on your mobile phone or tablet.

Step 3: Enter the verification code displayed in the app.

Once the code is validated, verification is completed automatically.


Option B: Email Verification Code

Step 1: Select Email as the verification method.

Step 2: Check your email inbox for the verification message.

Step 3: Enter the verification code provided.

Verification completes automatically once the code is validated.

Note: If you do not receive the verification code, see "What should I do if I don't receive a verification code when signing up or forgot password?"

Option C: Passkey Verification (FIDO2 / WebAuthn)

Step 1: Passkey is selected as the default verification method.

Step 2: Click Continue.

Step 3: Verify your identity using a registered passkey.

Follow the on-screen instructions provided by your device to complete verification.


3. Verification Result

After successful MFA verification:

  • Sign-in is completed

  • You are redirected to your dashboard or assigned workspace

  • Your session continues normally


Failure and Retry

If MFA verification fails:

  • You may retry within allowed limits

  • Excessive failures may temporarily block sign-in

  • You may be prompted to use an alternative method if allowed by policy


Security Considerations

  • Verification codes are time-limited and single-use

  • Verification attempts are logged for audit purposes

  • Rate limiting is applied to prevent abuse

  • MFA may be required again for high-risk actions


Important Notes

  • Members cannot change MFA settings

  • MFA methods are enforced by the organization

  • Password reset does not disable MFA enforcement

  • Loss of access to your MFA method requires administrator assistance


Summary

Item               | Member
MFA Configuration  | ❌ Not allowed
MFA Verification   | ✅ Required (if enforced)
Supported Methods  | Authenticator, Email, Passkey
Retry Attempts     | ✅ Limited
MFA Bypass         | ❌ Not supported
