1. Home
  2. /Guides
  3. /Admin
  4. /Security
  5. /Multi-factor authentication (MFA)

Multi-factor authentication (MFA)

Multi-factor authentication provides enhanced login security requiring an Airship user to provide a password and at least one other authentication method.

Multi-factor authentication is a user authentication mechanism that enforces the use of a password in combination with a piece of unique information that only you can access, such as a passcode in an SMS sent to a mobile device that you own, or a time-based one-time password (TOTP) from your authenticator application. Only if all provided information is correct will the authentication succeed.

Airship’s MFA provider is Okta. Authentication methods are an authenticator app, text messages (SMS), biometrics, or a security key. The actual list may vary depending on the configuration of your system. For the authenticator app option, while the setup screen specifies Google Authenticator, you can use Bitwarden Authenticator, Last Pass Authenticator, or similar.

We advise enabling multiple authentication methods in order to reduce the likelihood of being locked out of your account if one method should become unavailable. Although it is possible to use the same authentication method more than once — for example, you may set up two or more SMS numbers — we do not suggest this practice. For optimal security, set up multiple distinct authentication methods.

 Important

  • All Airship users must configure MFA, except those required to log in via custom SSO configurations.

  • MFA is Airship’s replacement two-factor authentication (2FA), which was deprecated August 2023. Users who had 2FA configured will be prompted to migrate to MFA.

Configuring MFA

To start the configuration process, you must follow the activation link sent to your account’s email address.

  • For new accounts, we will automatically send an activation link when you create an account.
  • As of October 23, 2023, users with existing accounts who have not yet set up MFA will be prompted and are required to do so upon their next login. Dashboard access is limited until you have completed all steps in the process.

After following the activation link, you will:

  1. Set your password. For existing accounts, you must change your current password.
    • For existing accounts and accounts created via Team Access invitations, you must also configure an MFA method.
    • For other new accounts, you will not be prompted to set up MFA until after logging in with your new password. If you want to set up MFA immediately, follow the steps in Managing authentication methods.
  2. Log in with your new password.
  3. Set up MFA or log in with an existing MFA method.

We recommend configuring more than one MFA method so you will be able to recover your account without needing to contact Support.

Managing authentication methods

Multi-factor authentication (MFA)
Okta MFA configuration options

You can add additional authentication methods and remove existing methods, but you must maintain at least one.

  1. Select the account menu icon () in the dashboard header, then select Account Info.

  2. Select Manage for Multi-Factor Authentication. Your Okta account page will open in a new tab.

  3. Follow the onscreen steps to make changes to your authentication methods.