Protect your company's data with Procore's MFA by requiring users to select one of two verification methods at login. These methods add a security layer beyond passwords to prevent unauthorized account access.
|
Method |
Available For... |
Best For... |
How it works... |
Key Benefits |
|---|---|---|---|---|
|
Authenticator App |
Standard Procore Users and Procore Pay (Payors and Payee Admins) |
Users in remote areas, international travelers, or those handing sensitive financial and project data. |
A mobile app (like Google Authenticator or Okta) generates a 6-digit code every 30 seconds that you enter to login. |
No Signal Required: Uses a Time-Based One Time Password (TOTP) to generate codes locally using your device's internal clock. Higher Security: Codes are generated locally via an encrypted secret key through your authenticator app, protecting you from intercepted text messages and SIM-swapping attacks. |
|
SMS Verification |
Standard Procore Users (with phone numbers in US, Canada, UK, Ireland and Australia) and Procore Pay (Payee Admins) |
Users who want a quick, familiar setup without installing additional mobile device software. |
Procore sends a unique one-time code to your registered mobile number via SMS text message during login. |
Simplicity: No app download required. Familiarity: Works like standard online banking or retail verifications. |

