Enable Multi-Factor Authentication (MFA) for your Company's Procore Account (Closed Beta)
Objective
To enable Multi-Factor Authentication (MFA) for all users in your Procore Directory.
Background
Multi-Factor Authentication (MFA) adds an extra layer of security to your company's Procore account when enabled. You can choose to enable MFA for all users in your Company Directory. MFA cannot be configured on a per-project or per-user basis at this time.
Things to Consider
- Required User Permissions:
- 'Admin' level permissions on the Company level Admin AND Directory tools.
- Limitations:
- For companies who have enabled Single Sign-On (SSO) with Procore:
- Users with a login email containing a domain targeted for SSO cannot use Procore MFA.
- MFA for SSO users can only be configured through your Identity Provider (IdP).
- For companies who have enabled Single Sign-On (SSO) with Procore:
Steps
- Navigate to the Company level Admin tool.
- Under the Company Settings menu, click Security Settings.
- Select the Multi-Factor Authentication (MFA) tab.
- Toggle Require MFA to the 'on' position.
- Select an Enforcement Deadline date. This date will be the first day your users are required to log in using MFA.
*time zone of person making selections - Select the frequency of re-authentication:
Frequently (12 hours). Users need to re-authenticate using MFA every 12 hours.
Weekly (7 days). Users need to re-authenticate using MFA once every 7 days.
Monthly (30 days). Users need to re-authenticate using MFA once every 30 days. - Click Save Changes.
Note: Saving your MFA configuration does NOT immediately enforce MFA upon your company's users. MFA enforcement begins on the date selected in your configuration. You can change this date later and re-save your configuration if needed.