1. Home
  2. /Guides
  3. /Admin
  4. /Security
  5. /Multi-factor authentication (MFA)

Multi-factor authentication (MFA)

Multi-factor authentication provides enhanced login security requiring an Airship user to provide a password and at least one other authentication method.

Multi-factor authentication is a user authentication mechanism that enforces the use of a password in combination with a piece of unique information that only you can access, such as a passcode in an SMS sent to a mobile device that you own, or a time-based one-time password (TOTP) from your authenticator application. Only if all provided information is correct will the authentication succeed.

Airship’s MFA provider is Okta. Authentication methods are text messages (SMS), an authentication app, biometrics, or a security key. The actual list may vary depending on the configuration of your system.

We advise enabling multiple authentication methods in order to reduce the likelihood of being locked out of your account if one method should become unavailable. Although it is possible to use the same authentication method more than once — for example, you may set up two or more phone numbers — we do not suggest this practice. For optimal security, set up multiple distinct authentication methods.

 Important

  • All Airship users must configure MFA, except those required to log in via custom SSO configurations.

  • MFA is Airship’s replacement two-factor authentication (2FA), which was deprecated August 2023. Users who had 2FA configured will be prompted to migrate to MFA.

Configuring MFA

To start the configuration process, you must follow the activation link sent to your account’s email address.

  • For new accounts, we will automatically send an activation link when you create an account.
  • As of October 23, 2023, users with existing accounts who have not yet set up MFA will be prompted and are required to do so upon their next login. Dashboard access is limited until you have completed all steps in the process.

After following the link, you will:

  1. Set your password. For existing accounts, you must change your current password.
  2. Set up an authenticator app as an authentication method. While the setup screen specifies Google Authenticator, you can use Bitwarden Authenticator, Last Pass Authenticator, or similar.
  3. Log in again with your new password and authentication method to complete configuration.

We strongly recommend adding another method so you will be able to recover your account without needing to contact Support.

Managing authentication methods

Multi-factor authentication (MFA)
Okta MFA configuration options

You can add additional authentication methods and remove existing methods, but you must maintain at least one.

  1. Select the account menu icon () in the dashboard header, then select Account Info.

  2. Select Manage for Multi-Factor Authentication. Your Okta account page will open in a new tab.

  3. Follow the onscreen steps to make changes to your authentication methods.