All users of paid accounts signing in with a username and password must authenticate with multifactor authentication (MFA) when connecting from a new device.
Single sign-on to the Celigo platform – such as through Google SSO or a custom SSO configuration – is an exception, since the provider typically performs MFA. However, to comply with company security policies, account owners and administrators can also require a user of their account to use MFA.
-
Sign in as an account owner or an administrator.
-
Open the avatar at the upper right of any page, and select Users.
-
In the Users tab, from the Actions overflow (...) menu, select Reset MFA.
The next time the user attempts to access your account, the device is no longer trusted, requiring MFA after signing in.
Owners and admins can also block the ability for all users to save trusted devices or set the number of days of inactivity after which a new authentication code is needed.
Consider the following while switching between accounts with varying MFA settings:
-
If you are already in an account that doesn't require MFA and then you switch to an account that requires MFA, you will be prompted to configure your MFA settings or enter the authentication code from your authentication device.
-
If you switch from one account to another account that allows trusted devices, and you're using a trusted device that you've recently used MFA to confirm your identity to access that environment, you will not be prompted to enter an authentication code.
-
If you switch from one account to another account that doesn't allow trusted devices, you will be prompted to enter an authentication code.