Multi-Factor Authentication (MFA) Login

We are excited to announce that we have added Multi-Factor Authentication to Eddy. 

Eddy will support two methods of Two-Step Authentication: Text Messaging (SMS) authentication, and Mobile App authentication.

Enabling Two-Step Authentication as an Admin

To require Multi-Factor Authentication for those on your team, first go to the admin tab, then the preferences sub-tab. From there, you as the admin can determine who must log in through MFA.

Enabling Two-Step Authentication for your own account

To enable MFA on your own account for extra privacy, go to the Account Settings page.

The user can use either an authenticator app or an SMS message to authenticate.

Using Google Authentication

The user will be asked to scan the barcode on their screen with their mobile device’s camera.

The words “Google Authenticator” link to a URL in a new window.

The next page asks the user to confirm the code that is shown on their device to finish the setup. In order to set up Two-Step Authentication, we require the user to re-enter their account password.

Using Text messaging (SMS)

Click "Set up SMS" under the Two-Step Authentication section. The user will be asked to enter their phone number.

Eddy will send the user a 6-digit verification code.

The user must enter their unique verification code to confirm the correct phone number.

In order to set up Two-Step Authentication, we require the user to re-enter their account password.

When the correct 6-digit code is entered, we show a success message that includes a backup code.

Now the setup process is complete. Going forward, Eddy will request a code when the user signs in.

When MFA is enabled, we show this success message, and also give the user a backup code that can be used to unlock MFA if they lose access to their phone.

Disable Two-Step Authentication

If a user wants, Two-Step Authentication can be disabled. This is done on the account settings page. This can only be done if MFA was set up by the individual and not the admin of the company. 

User Login

If Two-Step Authentication is enabled for the user, we’ll require it after the user logs in.



Mobile

When MFA is enabled, the user must enter a token on their mobile device.

Sign in another way

If the user does not have their phone with them, they see a link to “Sign in another way”.

Enter Backup Code

The user can enter a backup code if they don’t have access to their mobile device. This flow will disable MFA for the user until they re-enable it in Account Settings.

Two-Step Authentication Enablement Report

This report lists the last login for each user and shows whether Two-Step Authentication is enabled for that user. If MFA is enabled for a user, a user with the owner role has a button to reset the MFA, which will remove the requirement for an MFA token on login for that user.