When you enable this setting, all users in your organization will have to use a time-based, one-time password (TOTP) authenticator app, such as Duo, Microsoft Hello, or Google Authenticator. The authenticator app provides a TOTP token for users to authenticate themselves to Webex.

If a user gets a new mobile device or needs to reset the authenticator, have them reset their Webex account password so they can re-enroll with the authenticator app.


We highly recommend that you use Duo since it's free for both iOS and Android.

Before you begin

Inform your users that you're going to enable MFA, and when and how they should enroll and use the authenticator by:

  • Telling users where to find the app, and that they need to download and install it to prepare for when you enable MFA.

  • Providing users with instructions on how to enroll. For example:

    • Run Webex Teams and provide email address and password as usual. When you click next, Webex Teams shows you a QR code.

    • Open your authenticator app and add a new account.

    • Point your phone's camera at the QR code when prompted. This links the new authenticator account with your Webex identity.

    • Click Next on the Webex QR code screen.

    • Generate a new code with the authenticator app.

    • Enter the code into the Webex sign-in screen, and click Submit.

  • Reminding users when you're going to enable MFA.


If your organization has single-sign on (SSO) enabled, then the MFA setting isn’t supported.

1

From the customer view in https://admin.webex.com, go to Settings and scroll down to the Authentication section.

2

Toggle the switch under Multi-Factor Authentication to on.

Users will have to enroll with the authenticator app the next time they sign in to Webex.

 

If a user is already authenticated and using a valid OAuth token to remain signed in, then they'll stay signed in. They're asked to enroll when they have to sign in again.