- Home
- /
- Article
Enable multi-factor authentication integration in Control Hub
If you want to add an extra layer of security for users in your organization, you can enable multi-factor authentication (MFA) in Control Hub. Users then have to enter codes from an authenticator app on their mobile devices to sign in to Webex.
When you enable this setting, affected users in your organization will have to use a time-based, one-time password (TOTP) authenticator app, such as Duo, Windows Authenticator, or Google Authenticator. The authenticator app provides a TOTP token for users to authenticate themselves to Webex.
If a user gets a new mobile device or needs to reset the authenticator, have them reset their Webex account password so they can re-enroll with the authenticator app.
We highly recommend that you use Duo since it's free for both iOS and Android.
Before you begin
-
Telling users where to find the app, and that they need to download and install it to prepare for when you enable MFA.
-
Providing users with instructions on how to enroll. For example:
-
Run Webex App and provide your email address and password as usual. When you click next, Webex App shows you a QR code.
-
Open your authenticator app and add a new account.
-
Point your phone's camera at the QR code when prompted. This links the new authenticator account with your Webex identity.
-
Click Next on the Webex QR code screen.
-
Generate a new code with the authenticator app.
-
Enter the code into the Webex sign-in screen, and click Submit.
-
-
Reminding users when you're going to enable MFA.
1 |
Sign in to Control Hub. |
2 |
Go to Multi-Factor Authentication section. and scroll down to the |
3 |
Turn on Allow Multi-Factor Authentication. |
4 |
Select from the following settings:
Regardless of the setting chosen above, users must enroll with the authenticator app the next time they sign in to Webex. You can also configure MFA for organisations using multiple IdPs within your organization in Control Hub. For more information, see SSO with multiple IdPs in Webex. |
Users stay signed in if they're already authenticated and using a valid OAuth token to remain signed in. They're asked to enroll when they have to sign in again.
Reset multi-factor authentication for an individual user
1 |
Sign in to Control Hub. |
2 |
Go to Users and select the user you want to reset. |
3 |
Scroll down to Security and select Reset MFA. The user receives an email alerting them to the MFA reset.
|