What is MFA, why should I use it, and how do I enable it?

What is MFA?

Multi-factor authentication (MFA) is a security feature that requires the user to provide two or more verification factors in order to gain access to an application (in this case our Dashboard). For example, in addition to their username and password, a user with MFA enabled will also have to authenticate through an authentication app or SMS text message in order to log in to the dashboard. Simply put, this means that someone attempting to break into your Brownrice account will be unable to do so even if they possess your username and password!

Why should I use MFA?

MFA is highly recommended for anyone concerned about the security of their account, particularly developers or other individuals who have access to multiple accounts via the Brownrice Dashboard. It's also a requirement in some cases, such as if you need to meet PCI, HIPAA, or other standards that require MFA to be in place for administrative logins. Anyone can use MFA, and it's easy to enable and use!

This sounds great!  What if I get locked out?

Once MFA is enabled you will be unable to access your account without your user's MFA code (or recovery code).  However, if you get locked out, you can contact BRI support to unlock your account and/or reset your user's MFA.

Account vs user level MFA

There are two levels on which MFA can be enabled:

Account level MFA:
MFA can be enabled on the account level, and once enabled, it's forced on the user level.  This means that if you enable MFA for your account, any users (contacts) on the account will be forced to enable MFA in order to access your account upon their next log-in.  Account level MFA was designed this way on purpose so that companies can lock down their entire Brownrice account with MFA in order to easily meet compliance and security requirements.  If you want to enable account level MFA, please skip to the "How do I enable MFA for my account?" section below.
 
User level MFA:
MFA can also be enabled on the user level without forcing account level MFA. With user level MFA enabled, MFA is forced for your user alone. This means that if you enable user level MFA for your dashboard user, no other users on the account will be forced to enable MFA. If you want to enable user level MFA, please skip to the "How do I setup MFA for my user?" section below.

How do I enable MFA for my account?

First, log in to the Brownrice Dashboard.

Next, navigate to the "Contacts" page:

Then, on the "Contacts" page, under the "Contacts" list, select "Enable MFA":

After you've clicked the "Enable MFA" button, you'll see a pop-up modal with a warning about MFA. Once you have read and understood the warning, click the red "Enable MFA" button to proceed:

Once enabled, click OK when prompted to proceed to the MFA tab to complete your MFA setup:

How do I setup MFA for my user?

Once MFA has been enabled on the account level, proceed to the MFA tab to complete the MFA setup for your user (you should be automatically redirected to this page after enabling MFA on the account level in the previous step):

On the MFA tab you should be prompted with 2 options for MFA setup:



Either option works fine.  

If you choose to go with the authenticator app option, please follow this FAQ to proceed.

If you choose to go with the SMS (text message) option, please follow this FAQ to proceed.
