Menu

How Do I Enable Two-factor or Multi-factor Authentication on My Account?

Avatar
Anisi Rouleau
Updated
Follow

Enabling Two-factor Authentication or Multi-factor Authentication on Your Account

Enabling multi-factor authentication (MFA) on your account will require an additional identity verification step at the time you log in. Once configured and enabled for an account, our system will require the use of an authentication code generated by an authenticator application each time you log in to your account.

Admins can set up MFA for any user on the account. Alternatively, users can self-enable MFA within the Learner Experience. Click the links below to navigate to a specific set of steps.

Note:

If you are using a single sign-on (SSO) login method, this feature is not applicable—your SSO application will authenticate instead.

Jump to:
Enabling MFA for Yourself as an Admin
Enabling MFA for Your End Users
Enabling MFA in the Learner Experience
Troubleshooting

 

Enabling MFA for Yourself as an Admin

The steps below outline how to enable MFA for yourself from the admin console. If you're logged into the Learner Experience, see the Enabling MFA in the Learner Experience section of this article.

To enable MFA from the admin console:

  1. Ensure you have downloaded an authenticator application on your smartphone. Check out our Multi-Factor or Two-Factor Authentication Applications article for some recommended apps.
  2. Click on your email address in the top-right of the screen and select Profile.
  3. On the screen that follows, you will see a barcode and an MFA secret code. You can either:
    1. Scan that barcode with your authenticator application.
      —OR—
    2. Manually enter the unique “secret key” provided to you beneath the barcode.
  4. At the bottom of the page, click the MFA Enabled checkbox.
  5. Click the Update Profile button to save your changes.

The next time you attempt to log in, you'll be prompted to enter an authentication code from the authenticator app on your smartphone. This will be required each time you log in to your account.

Back to Top

 

Enabling MFA for Your End Users

The steps below outline how to enable MFA for your users. MFA cannot be set for multiple users at once, each user must be set up individually. If you would like users to enable MFA on their own, see the Enabling MFA in the Learner Experience section of this article.

  1. Ensure you have downloaded an authenticator application on your smartphone. Check out our Multi-Factor or Two-Factor Authentication Applications article for some recommended apps.
  2. Go to the Users tab. 
  3. From the list on the Users subtab, find the user you'd like to enable MFA for. 
  4. Click the user's name or email address to go to their User Profile.
  5. Go to their User Information tab. At the bottom of the page, you'll see the Multi-Factor Authentication option.

  6. Click the Enable button. 
  7. A pop-up will appear with a barcode and an MFA secret code. You can either:
    1. Scan that barcode with your authenticator application.
      —OR—
    2. Manually enter the unique “secret key” provided to you beneath the barcode
  8. Click OK to close the pop-up, then click the Update User button at the bottom of the page to save these changes.

Back to Top

 

Enable MFA in the Learner Experience

Follow these steps to enable multi-factor authentication (MFA) from the Learner Experience:

  1. Ensure you have downloaded an authenticator application on your smartphone. Check out our Multi-Factor or Two-Factor Authentication Applications article for some recommended apps.
  2. Log in to your KnowBe4 training account.
  3. Click on your name in the top-right of the screen and select Profile.
  4. On the page that opens, go to the Multi-Factor Authentication section and click Enable.
  5. A pop-up will appear with a unique barcode. Open the authenticator application on your smartphone and scan the barcode.
  6. A six-digit one-time password (OTP) should appear on your authenticator app. Enter those digits on the Enable MFA setup screen.
  7. If the OTP is correct, the page will refresh and MFA will be enabled for your account. If the OTP is incorrect, MFA will not be enabled and you will need to try again.

Back to Top

 

Troubleshooting

If a user incorrectly enters their MFA code three times, they will be locked out of their KnowBe4 account. 

 

End Users

If you are an End User attempting to log in for training and you got locked out of your account due to MFA, please contact your IT administrator, manager, or supervisor.

 

Admins: Unlock a User's Account

To re-enable a user's account, after being locked out due to MFA, first disable MFA for that user. Then, enable MFA from their User Profile or have the user enable MFA from their Learner Experience.

 

Admins: Unlock Your Own Account

If you are an admin on your KnowBe4 account and you get locked out due to MFA, please reach out to our support team for assistance.

Back to Top

Have more questions? Submit a request

Comments

0 comments

Article is closed for comments.

Related articles