Multifactor Authentication (MFA)

Information and setup for Multifactor Authentication

Callum McKain
Callum McKain
August 11, 2025

In update 5.58.0 we introduced MFA.

MFA Basics

Administrators can now manage Multifactor Authentication (MFA) settings across their servers. This gives organisations more control over their security posture, with flexible options to match different user and compliance needs.

With this update, administrators can set MFA to one of three modes:

  • Enabled — All users are required to set up MFA at login. The setup process is simple: users scan a QR code with any standard authenticator app and follow the on-screen steps.
  • Optional — MFA remains available, but it’s up to individual users to enable it (or admins can enable it selectively for certain accounts).
  • Disabled — MFA is turned off, and users authenticate with just their username and password.

This update makes it easier to enforce strong authentication practices — whether organization-wide or on a case-by-case basis.

Setup

Multifactor Authentication settings can only be configured by administrators. If you have admin access, getting started is simple:

  1. Go to Menu > Administration > Security.
  2. Scroll down to the Multifactor Authentication section.
  3. Choose the authentication level that fits your organization’s needs:
    • Disabled
    • Optional
    • Enabled

Once set, your chosen MFA policy will apply across the server, helping you enforce the right level of security for your environment.

Enforcing MFA for Specific Users

When MFA is set to Optional, administrators still have the ability to enforce MFA on a per-user basis. This is useful if you want to require MFA for high-privilege accounts or specific roles, without making it mandatory for everyone.

To enforce MFA for an individual user:

  1. Go to Menu > Administration > Users.
  2. Select the user you want to manage.
  3. In the Security section, scroll down to Multifactor Authentication.
  4. Toggle Enforce Multi-Factor Authentication to require MFA for that user.

You can also use this section to reset MFA if the user needs to re-register their device — for example, if they get a new phone or lose access to their authenticator app.