For an added layer of security, you can make multi-factor authentication (MFA) mandatory for all users in your IT Glue account as well as your clients' MyGlue accounts.
MFA, sometimes referred to as two-factor authentication or 2FA, is a two-step verification process focused on helping secure access to user accounts.
- You must have Administrator or Manager-level access to turn on this setting.
- You can review the list under Account > Users to check which users have already enabled MFA prior to making it a policy. If an MFA padlock icon is open, it means the user hasn't set up their MFA yet.
- All account users must have a cellphone that can run an MFA provider's app. Please see our Setup multi-factor authentication (MFA) KB article for suggestions on compatible apps.
Note: Keep in mind that if you enforce MFA, then IT Glue Lite users must also enable it to log in.
Enforce MFA for IT Glue
- Log in to your IT Glue account and navigate to Account > Settings.
- Click the Authentication tab and select the Require MFA for access to this account checkbox.
- Click Save.
Next time users log in, they will be prompted to set up MFA if they haven't already. If you disable enforced MFA, it remains enabled for users until they disable it from their account settings.
Enforce MFA for MyGlue
You can turn on MFA for a MyGlue account when configuring the account, or be editing an existing account. To get started, follow the steps below:
- Navigate to Account > MyGlue.
- Click the Action button and select Edit on the organization you want to enforce MFA for.
- On the Edit MyGlue Account screen, check Require MFA for access to this MyGlue account and click Save.
How do SSO and enforced MFA work together?
You can have both single-sign on (SSO) and enforced MFA turned on in your IT Glue account, plus set MFA up through your SSO provider. This gives you the highest security for an SSO enabled IT Glue account, by making sure that only users with MFA set up have the ability to log in.
What happens when someone is locked out?
An Administrator can reset the user's MFA from the Account > Users screen. Find the user's name and click the (pencil icon) on the far right. On the Edit User screen, click the Reset MFA link to immediately reset the user's MFA.
You can find other MFA troubleshooting help in our Troubleshooting MFA login article.