Multi-Factor Authentication, or MFA, is an authentication process which requires the user to present two pieces of evidence to prove their identity. When Certify detects the user is login in from an unrecognized device, web browser, or IP address, the user will need to provide something they know (their password) and something they have (a temporary security code) to successfully authenticate.
In these situations, Certify will send a temporary code to the user's email address or to their mobile device to prove their identity.
In rare cases, a user may not receive a temporary security code. This typically happens when the user does not have a mobile phone number saved to their profile, or they do not have access to the email address associated with their Certify account.
This article shows you, a Certify Administrator, how to send a user a temporary login URL when the user cannot successfully satisfy the MFA requirements.
Step 1: On your Certify homepage, click Configuration.
Step 2: Click View and Edit Users.
Step 3: Search for the user in question.
Step 4: Click the pencil icon to edit the user record.
Step 5: Click Generate Temporary Login URL.
Step 6: A confirmation box will appear. Click Yes to send a Temporary Login URL to your inbox.
Step 7: Check your inbox. The email will provide instructions with how to provide this URL to the user in question.
Please Note: Because Certify cannot verify the user's identity, please be sure you have verified the user's identity through other means before sending them the Temporary Login URL.
When the user clicks the link in the email, they will be asked to enter their username an pasword but will not be asked to further verify their identity.
Step 8: To prevent this from happening in the future, ensure the user in question:
- Adds their mobile phone number to their Certify account
- Has access to the email address associated with their Certify account