Set up multi-factor authentication
Multi-factor authentication (MFA) is a security process that requires you to provide two or more pieces of evidence to verify your identity before accessing your emnify account. These pieces of evidence (also known as factors) are typically numeric codes that are either sent to an email address or phone number by the emnify system or provided by a third-party authenticator app.
MFA enhances security by adding an extra layer of protection that makes it more difficult for unauthorized individuals to access your account. Even if someone knows your password (the first factor), they would still need access to your second factor (for example, your phone or email account) to successfully log in.
MFA is sometimes called two-factor authentication (2FA) and has historically been at emnify.
As of March 2024, MFA is mandatory for all non-trial emnify Portal accounts to proactively safeguard our IoT ecosystem and meet regulatory security compliance. For more information, see the MFA FAQ in the emnify Knowledge Base.
Supported methods
emnify supports the following MFA methods:
- Email authentication (default)
A one-time code or an authentication link is sent to the email address associated with the account. - App authentication (configured in the Portal)
Time-based one-time password (TOTP) MFA where a code is generated using a third-party authenticator app (for example, Google Authenticator) and entered during the login process.
As soon as one of these methods is enabled, you'll need to enter a one-time code to verify your identity if you log in to the Portal on a device you haven't set as trusted, use a different browser, or change your password.
Set up email authentication
You must set up MFA if you're invited to an existing non-trial Workspace or when your trial plan expires. Email authentication is the default, but you can configure app authentication later in the Portal.
MFA isn't required if you're on the Trial plan, but you can still configure app authentication to secure your account.
-
Log in to your emnify account with your email and password as usual.
-
Navigate to the email account you use to access the Portal. Open the message from emnify with your 6-digit verification code. The code is valid for 20 minutes and should contain letters and numbers.
tipCheck your spam folder if you haven't received a code after a few minutes.
-
Go back to the Portal. Enter the code and click Verify code to verify your identity.
Need help verifying your identity?
You may have issues verifying your identity once MFA becomes mandatory.
Here are a few common error messages and what to do if you see them:
This code is invalid, please try again.- Re-enter your code and click Verify code again.
- Wait at least five minutes, and then click Resend. Enter the new verification code once you've received it.
- Still having trouble? Contact the emnify support team.
- Click Resend and enter the new verification code once you've received it.
- Still having trouble? Contact the emnify support team.
- Re-enter your code and click Verify code again.
- Click Resend and enter the new verification code once you've received it.
- Still having trouble? Contact the emnify support team.
- Wait at least five minutes, and then try to log in again.
- If you've waited and the next attempt is blocked, contact the emnify support team.
Assuming no errors, you'll be redirected to the Dashboard with a message that your account's email authentication is now successfully enabled. 🎉
Configure app authentication in the emnify Portal
- Log in to your emnify account.
- Navigate to User Settings by clicking on your avatar and selecting User Settings from the dropdown menu.
- Find the Multi-factor authentication section and select Set up next to App authentication.
- Enter your password to verify your identity, then click Submit.
- Activate your device's temporary authentication key by scanning the QR code with a third-party authenticator app. Alternatively, click here in the Portal text to reveal a secret key and add it to your app. After you've scanned the QR code or entered the key, a 6-digit token appears in the app.
- Finally, return to the Portal and enter the token.
Assuming no errors, app authentication is now enabled for your account. 🎉
Third-party authenticator apps
A third-party authenticator app is an alternative way to receive your verification code. Instead of receiving an email or SMS, these apps provide a randomly generated and frequently changing code that you can enter to verify your identity.
Popular third-party authenticator apps that you can use with your emnify account:
- Authy
- Google Authenticator (Google Play Store or App Store)
- Microsoft Authenticator
Disable app authentication
- Navigate to Multi-factor authentication under User Settings.
- Select Disable next to App authentication.
- Review and confirm the changes by clicking Yes, use Email MFA.
info
Email authentication is set by default if you disable app authentication.
Manage trusted devices
Reaching for your device and entering a one-time password every time you need to log in to your account can be a pain, especially if you usually sign in from the same device. To bypass this process, select Trust this device before entering the MFA code from your authentication app.
Then, Trusted Devices should be visible in the Two-Factor Authentication section of User Settings. These devices remain trusted for 90 days. After that, you'll need to verify your identity again.
To remove a device from Trusted Devices, click Remove.
Your changes are saved automatically.