Multi factor authentication works for users accessing with email and password. Single sign-on users won't have the Multi factor authentication available.
Why is MFA Important for Your Security?
At Factorial, protecting your account is our top priority. Multi-Factor Authentication (MFA) adds an extra layer of security to your account by requiring not just your password but also a second form of verification. This significantly reduces the risk of unauthorized access, even if someone else manages to obtain your password.
Think of it like a double-lock system for your account—your password is the first lock, and the MFA verification is the second. Together, they make your account much harder to break into.
How MFA Enhances Your Security?
Because your role gives you access to very sensitive information, such as financial data, customer details, or administrative controls, we’ve implemented additional security measures to protect your account.
This code will only be needed when you have logged out from the PC or a certain amount of time has passed since the last login.
We offer two options for MFA:
Email MFA
This method is not configurable: it's automatically applied if an admin hasn't set up the MFA app.
- When you sign in, we’ll send a unique, one-time code to your registered email address
.png)
2. You’ll need to enter this code to complete your login
.png)
3. If you don’t receive the email, you can easily request to resend it
Authenticator App MFA
- Go to Settings → Security Settings in your Factorial account
- In the MFA section, click the link that opens a QR code for configuring your authentication app (e.g., Google Authenticator, Authy)
- Scan the QR code with your app
- Once set up put the generated code in the input, the app will generate secure, time-sensitive codes for you to enter during login
.png)
App-based MFA is the only method that users can actively configure. If it's not enabled, the system defaults to email-based MFA for admins.
FAQs
Can I choose whether employees use MFA via app or email?
No. Only app-based MFA is supported as a configurable option. Email is a fallback exclusively for admins who haven’t set up app MFA. It cannot be manually activated or deactivated.
Why can’t I disable email-based MFA?
It’s a security fallback that ensures admins with sensitive permissions still go through a verification process. It only applies if app-based MFA is not configured.