Overview
Multi-factor Authentication (MFA) in Giva adds an extra layer of security by requiring a secondary form of authentication, in addition to the usual login ID and password. For organizations using Single Sign-On (SSO), it's recommended to enable MFA with the SSO provider for streamlined authentication.
Enabling MFA in Giva
Administration Setup
- Accessing MFA Settings: Administrators can enable MFA through the "Multi-factor Authentication (MFA)" page in the administration section.
- MFA Enforcement Options:
  - Enable MFA by Profile: Offers optional MFA for each user, allowing them to opt in or out through their password settings.
  - Mandatory for Administrators and Agents: Requires MFA for users with Administrator or Agent roles, providing additional security for key personnel.
  - Mandatory for All Users: Enforces MFA for every user, including Administrators, Agents, and Customers, ensuring uniform security measures.
User Setup
- MFA Application Requirements: Users must have an MFA application that supports Time-based One-time Password (TOTP), such as Google Authenticator, Microsoft Authenticator, Duo, or 1Password.
- User-Level MFA Setup: Once enabled, users must follow steps to link their MFA device with Giva, ensuring secure access.
Managing MFA in User Profiles
- Disabling MFA: Users can disable MFA in their profiles, removing the MFA requirement and backup codes from Giva.
- Using Backup Codes: If a user misplaces their MFA device, backup codes can be used for login.
- Resetting MFA for Lost Devices: In case of a lost or broken MFA device, MFA can be reset in the user’s profile, prompting a new setup process with a different device.