Multifactor Authentication

Updated by Leigh Hutchens

Quinyx offers a solution for an extra layer of authentication security by offering Multifactor Authentication (MFA) via SMS/Text messages to the employee's registered phone number.

The MFA provider is an optional authentication method that can be activated to enforce a stronger authentication by requiring a second authentication based on a randomized 6-digit code sent to the user's mobile phone as a text message or to the e-mail of the user. The authentication code has a limited lifetime and if the user fails 5 times to provide the correct authentication code, the account will be locked.

The MFA provider will come at an extra monthly fee based on usage as well as a running cost for the amount of texts sent.

Logging in with MFA

The login flow is the same as for regular password flow with the addition of an extra step after password validation. Depending on the settings, the MFA logic will decide if the user should be challenged with a code or not.

Settings

To activate MFA, you can set the frequency of MFA Challenges: every time, once a day, once a week, once a month, or twice a month.Multifactor Authentication settings are only available to Quinyx since the activation requires a signed contract with Quinyx for invoicing.

The current list of options for frequencies of challenges

User contact details

Each user needs to have a mobile phone number added according to the E. 164 format:  E. 164 numbers can have a maximum of fifteen digits and are usually written as follows: [+][country code][subscriber number including area code] Example: +46705444444

How Did We Do?