Two-Factor Authentication (TFA/2FA) is an extra layer of security that requires not only a password and username but also an extra piece of information in order to log in. The goal of 2FA is to make it harder for potential intruders to gain access and steal your personal data or identity.
On the monday.com platform, you have two options to log in to your account with 2FA - either by a text sent to your mobile phone, or by using a code from an authentication app. 2FA is available for everyone and for each plan we offer. However, only admins of the account can enable this feature.
Enabling 2FA for my account
In order to enable the 2FA for the first time in the account, you need to be an admin of this account. If you are, then follow these simple steps:
Click on your profile picture on the top right corner of your screen and click on "Administration":
Next, select security. In the bottom section "Two-Factor Authentication", click on "add two-factor authentication"
In this step, you can choose your own preferred Two-Factor Authentication method - either to receive a text message to your mobile or by using an authentication app.
Once done, the 2FA will be active by default for all members on your monday.com account. You can then choose who you'd like to activate this for - members or guests or both.
Each team member/guest will then be asked to login using the 2FA. They can choose the method they prefer. We will cover both methods below so stay with us! 🙌
Activating 2FA via authentication app
If you select the option to log in via an authentication app (highly recommended!), you will need to scan the QR code initially, before receiving a one time password (OTP) to log in.
The next time you log in you will simply need to enter the new automatically generated code that appears on the authentication app. Every 30 seconds the code will renew itself, so make sure to enter it quickly. 😊
Activating 2FA via text message
If you select the option to login via text message, you will need to enter your phone number in order to set up the 2FA. A code will then be sent by text to your mobile phone to login.
The next time you log in, you will need to enter the new code sent to your mobile via text.
There you go! You have officially set up Two-Factor Authentication for your entire account! 🎉
Resetting 2FA
- Resetting 2FA from the Admin Section
If you are an admin of the account you are able to change the 2FA method of your team members/guests. This is very useful if your team members are experiencing issues with logging in via text message.
To do so, click on your profile picture in the top right-hand corner of your screen, select "Administration", and then select "Users". After finding the specific user's name, click on the three-dot menu to the right of their name. An option will appear to reset the 2FA method, so that they can easily log in once again.
- Resetting 2FA from My Profile
Team members can reset their own 2FA method by navigating to their profile section. There, they can decide which method they'd prefer to use, without nudging the admin of the account to do this for them.
What team members and guests see on their account
Once 2FA has been enabled by the Admin on the account, all team members/guests will be prompted to select which 2FA method they'd prefer to use when logging in. As with the Admin, depending on which of the two options is chosen, team members/guests will need to do a quick initial scan of the QR code, or they will need to enter their phone number to receive a code via text.
Frequently asked questions
Can I restrict which authentication method the members on my account can choose?
It is currently not possible to restrict your account members to a specific authentication method (SMS or App).
Will I be re-prompted to use the 2FA in if I close my browser window?
No, you will not have to log in with the 2FA again if you close your window. You will only be prompted to if you log out of your account or if you try to log into your account from a new device or browser that you have not used before.
If you have any questions, please reach out to our team right here. We’re available 24/7 and happy to help.
Comments