Enterprise-Wide Multi-Factor Authentication (MFA), Tailored to Your Team’s Needs
Balance ease of access with account security!
Purpose
To provide enterprise administrators with flexible, organization-wide control over Multi-Factor Authentication (MFA) policies through the Portal’s Enterprise Settings. This feature empowers teams to align authentication requirements with their security standards by choosing from Disabled, Optional, or Required modes.
Managing MFA Policies in Portal
Accessing MFA Settings
MFA (Multi-Factor Authentication) policies can be managed in the Enterprise Settings area of the Portal.
Only enterprise admins (Portal admins) have access to these settings.
MFA can be set to one of three options:
Disabled: Disabling MFA will remove all configured MFA methods from user accounts. Users will no longer be prompted for a second authentication factor when logging in. Existing MFA methods will be restored when MFA is re-enabled.
Optional: Making MFA optional will allow users to choose whether they want to enable additional security for their accounts.
Required: Requiring MFA will force all users to set up at least one MFA method upon their next login. Users without MFA will not be able to access the system until they configure it.
The MFA experience uses Email Authentication. Users receive a one-time verification code via email to verify their identity. The platform guides users through setup with simple, step-by-step modals.
When the policy is Optional or Required, MFA options are visible in each user’s profile. When Disabled, the section is hidden entirely.
A confirmation dialog will appear whenever the MFA policy is changed.
The change will take effect within the next several minutes for all users.
⚠️ IMPORTANT: Multi-Factor Authentication (MFA) settings configured via the profile page only apply when users log in using the Regis email + password method.
If users sign in using Single Sign-On (SSO) (e.g., Google, Microsoft), your organization’s identity provider is fully responsible for authentication—including any MFA requirements.
MFA is not required for any other login methods that do not involve entering a username and password, such as:
Anonymous user access
Reviewer links
SCORM-based launches
When MFA is Set to “Optional”
If “optional” is set up by the Portal Admin, then users are not required to use MFA but can choose to enable it in their profile.
To Enable MFA (Optional):
Go to your Profile.
Click the “Enable MFA” button (if MFA is not already active).
A modal will appear. Select “Email Authentication.”
Click “Send Verification Code” to receive a code via email.
Enter the code and click “Verify Code.”
Once verified, the button will change to “Configure MFA.”
To Disable MFA (Optional):
Users can disable all MFA methods when policy is "optional" by clicking “Configure MFA” to open the modal and then selecting ‘Disable MFA”. Doing so will change the “Configure MFA” back to “Enable MFA” button.
Click the “Configure MFA” button.
In the modal, select “Disable MFA.”
The button will revert to “Enable MFA.”
Login Experience:
Users who have enabled MFA will be prompted for an access code upon login.
Those who have not enabled it will log in with only their credentials.
When MFA is Set to “Required”
All users must complete MFA setup and use it to log in.
💡 NOTE: SCORM packages, SSO logins, and Reviewer links are exempt from MFA requirements, even when the enterprise policy is set to Required.
Login Process (First-Time Setup):
After entering valid login credentials, users are prompted to set up MFA.
Select “Email Authentication.”
Click “Send Verification Code” to receive a code via email.
Enter the code and click “Verify Code.”
Click “Done” to return to your Profile.
Ongoing Login Experience:
Users are prompted to enter an access code each time they log in.
The “Configure MFA” button will appear in the profile but cannot be used to disable MFA.
FAQs
Who can manage MFA settings in Portal?
Only enterprise admins (Portal admins) can access and change MFA policies in the Enterprise Settings section.
Where do I find the MFA setting in Portal?
Go to the Enterprise Settings area. MFA policy settings toggle will be available there to admin users.
What are the different MFA policy options?
Disabled – MFA is turned off for all users.
Optional – Users can choose whether or not to enable MFA in their Profile.
Required – All users must set up MFA to log in.
What happens when the MFA policy is changed?
A confirmation dialog appears before the change is applied. Users may need to complete or update their MFA setup depending on the new policy.
Will I see MFA settings in my profile?
Only if your enterprise MFA policy is set to Optional or Required. If it’s Disabled, the MFA section is hidden.
If MFA is Optional, will I be prompted for a code every time I log in?
Only if you’ve enabled MFA in your profile. If not, you’ll log in using just your password.
Can I turn off MFA if it's Optional?
Yes. You can disable MFA by clicking “Configure MFA” in your profile and selecting “Disable MFA.”
Can I disable MFA if it’s Required?
No. If your enterprise policy is Required, MFA must be enabled and cannot be turned off by users.
What authentication method is available for MFA?
Currently, Email Authentication is used. A verification code is sent to your email to complete login or setup.
What do I do if I don’t receive the verification code?
Check your spam folder or try clicking “Send Verification Code” again. If issues persist, contact your admin.
Will I need to enter an MFA code for SCORM, SSO, or Reviewer links?
No. Once you’ve logged in successfully, those features will not require a separate access code—even if MFA is Required.
How does the "Remember this device" option work for MFA?
When you enable MFA and enter your access code, you’ll see the option to “Remember this device.” If you check this box, you won’t be asked to enter an access code again on that device for 30 days.
After 30 days, the system will prompt you to enter a new verification code the next time you log in.
