Two-Factor Authentication

You can now add an extra layer of security to the way your team members login to your Method Grid account.

Method Grid has the following authentication methods for your account members:

1. Email and password
2. Single sign-on e.g. Microsoft or Okta

In our latest release, we are augmenting the first of these authentication methods by giving users the option to setup two-factor authentication alongside their email and password. This is available on our Professional and Enterprise plans.

Two-factor authentication (2FA), also known as multi-factor authentication (MFA), is a security measure designed to enhance the security of online accounts and systems. It adds an extra layer of protection by requiring users to provide two different types of authentication factors to verify their identity. For Method Grid, the first type of authentication is your email and password and the second type is a code provided by an authenticator app on your phone.

Note: Users authenticating via a single sign-on provider can enable two-factor authentication with their provider and do not need to configure this within Method Grid.

Configuring Two-Factor Authentication

Your team members can configure their two-factor authentication in their security settings (My Settings > Security). Simply scan the QR code with your preferred authenticator app and enter the code the app generates to enable two-factor.

Once enabled, you will have the opportunity to download/copy a set of recovery codes. These recovery codes let you login if you do not have your authenticator app. These codes can only be downloaded/copied at this stage, they cannot be generated again, so make sure you download/copy them and keep them in a safe place!

Logging in with Two-Factor Authentication

Once configured, the next time you login, you will first have to enter your email and password as usual, you will then be asked to provide the code from your authenticator app to complete your login. You can then choose whether to remember this device for 30 days, during this 30 day window, if you need to login again, you will only need to enter your email and password, you will not be asked to enter the code from your authenticator app.

If you do not have your authenticator app, you can choose to enter one of your recovery codes instead.

Two-Factor Authentication Problems

If you do not have access to your authenticator app you have the following options:

1. Enter a recovery code to login
2. Contact your account Architect (super admin) and ask them to reset your two-factor authentication

If you need to change your authenticator app or set it up again, return to your security settings (My Settings > Security) and select change two-factor authentication method.

Managing Your Member’s Two-Factor Authentication

Account Architects (super admins) can manage their member’s authentication in a number of ways:

Enforce Two-Factor Authentication

If you want all your members to use two-factor authentication, you can toggle on the enforce two-factor authentication option in your account settings (Account Settings > Security). Once on, all account members will see a banner asking them to configure their two-factor authentication, this banner will remain until they do this. Also, if the member logs in before they have setup their two-factor authentication, they will be asked to complete the setup immediately, before they are logged in.

Review Authentication Methods

In your account members list, you can now review which authentication method each of your members are using, this can be one of:

• Email/password = they are only using email and password to authenticate, no two-factor is enabled
• Two-factor authentication + email/password = they have two-factor enabled
• Single sign-on = they use your single sign-on provider to authenticate

Reset a Member’s Two-Factor Authentication

In your account members list, you can also reset a member’s two-factor authentication by clicking the reset link. Once confirmed, this will remove two-factor authentication for that member and they will have to set it up again. Be sure that you know this request is genuine before doing this!

Feedback

If you have any feedback on this feature, please get in touch.

What’s next?

We will be rolling out more UI changes soon and opening up our AI Assistant to beta testers. You can see all of our upcoming releases in our product roadmap.