Getting Started / Security

Multi-Factor Authentication (MFA)

Protect admin and employee accounts with authenticator-app codes, required by many orgs before production rollout.

Real-world scenario

Maya Chen · IT Manager

WorkVerge's security policy now requires MFA for every admin. Maya enrolled yesterday; today she's walking Carlos through the same flow before he touches production asset data.

Before you begin

  • TOTP authenticator app on your phone
  • Org may enforce MFA from My Organization → Config → Security

Overview

MFA adds a second step after your password, a rotating 6-digit code from your phone. It stops credential-stuffing attacks even if someone phishes a password.

For example

Carlos uses Authy on his iPhone. At login he enters password then 482 193 from the app.

Enroll MFA

  1. 1

    Sign in as usual

    If MFA is required, you'll see an enrollment prompt after password.

  2. 2

    Open enrollment

    Follow the banner or go to MFA enrollment from your profile.

  3. 3

    Scan the QR code

    Use Google Authenticator, Authy, or 1Password, any TOTP app.

  4. 4

    Enter the 6-digit code

    Confirms your phone and WorkVerge are in sync.

  5. 5

    Save backup codes

    Print or store in a password manager, not in the same note as your password.

Lost your device?

  1. 1

    Reach the MFA challenge

    Enter email and password on the login screen first.

  2. 2

    Choose recovery

    Select "Use recovery code" if you lost your phone.

  3. 3

    Enter one backup code

    Each code works once; you'll get new codes after re-enrollment.

  4. 4

    Re-enroll on a new device

    Scan a fresh QR so you're not locked out again.

No backup codes?

Contact your org admin. Only they can reset MFA enrollment. WorkVerge support cannot bypass your org's security policy.

For admins

Enforce MFA and revoke sessions from Configurations → Security. Use this when someone leaves the company or reports a stolen laptop.

Related articles