Documentation
Start typing to search…

Multi-factor Authentication

You can secure your Censys Platform account by adding multi-factor authentication (MFA) with an authenticator app like Google Authenticator, Microsoft Authenticator, Duo Mobile, and more.

Organization admins can require organization users to enable MFA in order to access the Platform.

Enable MFA for your account

To enable MFA for your account:

  1. In the Platform web console, click your user icon in the top right corner. Select My Account. Go to Personal Settings > Security.

  2. Under Multi-Factor Authentication (MFA), Click Configure MFA.

  3. Scan the QR code or enter the generated key using your authenticator app of choice.

  4. Generate and enter a verification code from your app.

  5. Click Verify & Enable. Store your recovery codes in a secure place.

The next time that you log in, you will be required to enter a code from your authenticator app.

Update your MFA configuration

To update the MFA configuration for your account:

  1. In the Platform web console, click your user icon in the top right corner. Select My Account. Go to Personal Settings > Security.
  2. Under Multi-Factor Authentication (MFA), click Update Configuration and follow the process shown above to set up your new MFA app.

Unlink your MFA configuration

To unlink MFA for your account:

  1. In the Platform web console, click your user icon in the top right corner. Select My Account. Go to Personal Settings > Security.
  2. Under Multi-Factor Authentication (MFA), click Unlink Authenticator App and confirm your choice.

Organization MFA management

📘

Note

Only organization admins can configure MFA settings for their entire organization.

To manage whether MFA is required for users in your organization:

  1. In the Platform web console, in the left side navigation panel, click your organization name and click the Settings button. Go to Organization Settings > Security.
  2. Next to Multi-factor Enforcement, set the toggle to on or off.
  3. Click Update Organization Security to save your configuration.

If you turn on MFA enforcement for your organization, users will be required to set up MFA the next time they log in.

Reset user MFA

Organization admins can reset the MFA configuration of a user in their organization.

If your organization does not enforce MFA, when you reset a user's MFA configuration they will be able to access their organization account without completing MFA.

If your organization enforces MFA, then the user will not be able to log in to their organization account until they re-enable MFA. The user be prompted to re-enable MFA the next time they log in.

To reset a user's MFA:

  1. Go to Organization Settings > Members.

  2. On a user's entry, click the three-dot menu icon. In the menu that appears, click the Reset MFA icon.

  3. Read the warning and click Yes, Reset to reset the user's MFA configuration.

MFA and SAML SSO

If you enable MFA enforcement and have SAML SSO configured, MFA enforcement will only apply to users in your organization that are not authenticated with SAML via your identity provider.

Updated 13 days ago