Two factor Authentication (2FA) or Multi-factor Authentication (MFA) provides an added layer of security to Folio. If Folio is asking you to set up Two-Factor Authentication or a code, that means your Folio Administrator has turned on Mandatory Two-Factor Authentication, Users will need to use their Folio password and a code generated by an Authenticator app or an Email to sign in to Folio.
There is not set up by a user to use 2FA by Email. But if a user is using an Authenticator App though they will need to do the following:
Setting up & using 2FA with an Authenticator App
If your Organisation's 2FA is via an Authenticator App, Folio will ask you to Register Your Two-Factor Authenticator.
Authenticator Apps are available through the App store on your phone some examples are Google Authenticator or Microsoft Authenticator. Download your preferred App and install it on your device.
Once you have installed the app you will need to scan the QR Code on Folio. The Authenticator app will provide you with a unique code which you can then enter in the text box labelled Two-factor authentication code. and click on the button Register with two-factor authenticator to log in.
Once this is setup every time you login, you will need to enter your password and the code from the Authenticator App.
Resetting Two-factor Authentication
If the user has replaced their phone or the Authenticator app, the 2 Factor Authentication will need to be removed and reset. A Super User or Admin must click on the Admin Gear Wheel and then click on Users and select the appropriate User and under the Tools menu select Remove two-factor authentication:
The next time the User signs in to Folio they will need to register Two-Factor Authentication with the steps listed above.
Using Email based 2FA
If your Organisation is using Email based 2FA you will need to first enter your username and password. You will then be sent an authentication code in your email.
You will need to enter this Code and then click the Verify Code button to log in to Folio.
Please Note: The code is valid for 3 minutes from the time it's generated. If it is not used within that 3 minutes then it will be invalid and you have to generate it again by clicking the Resend Email button on the Two-Factor Authentication screen.