Multi-Factor Authentication (MFA) adds an additional layer of security to logins, by enabling a two-step authentication process via users’ mobile devices. MFA can either be enabled on personal accounts only (A) or be made mandatory for the whole organization, by the decision of the Organization Administrator (B).
A. MFA - Personal Accounts
When MFA is enabled on a personal account, in addition to entering their username and password upon each login, administrators are required to verify their identity by inputting a code sent to their phone number.
Note: the process below is only for Administrator users using app.thrive.health, not for end-users. If you would like to learn how to enable the MFA from an end-user perspective, please see this article: Multi-Factor Authentication - End Users.
1. Log in to app.thrive.health with the username and password that you created
2. On the home page, click on your name on the top right corner and select Account Settings
3. Click on the Security tab. Here, you can enable MFA by selecting No or Yes
4. You will be logged out of your account when you select Yes and click Save
5. Re-enter your Thrive Health username and password
6. You will be taken to the following screen, where you will enter your personal cell phone number and click Continue
Note: Ensure there are no typos as a verification code will be sent to this number.
7. Once you have received your verification code and have entered it into the required field, you will be given a recovery code
Note: Please keep this code in a safe place, as it will allow you to recover your account in the case of an emergency.
However, if you forgot your code or want to access your account without it, there is an option to do so when first logging into your account. You can select Try another method that will allow you to use either SMS or Email, or your Recovery Code, to access your account.
8. You are now able to access your Thrive Health account. Please note that when MFA is enabled, you will need to have access to your cell phone every time you log in
B. MFA - Mandatory for the whole Organization
Mandatory enforcement means that each Thrive Health user must use MFA to access the platform, creating uniformity and increased security across the entire organization. Depending on the Organization tier, MFA mandatory enforcement can require different steps:
- Premium Tier: mandatory enforcement of this feature is available with the Premium tier. The Organization Administrator will need to contact firstname.lastname@example.org to enable this feature.
- Standard and Flex Tiers: it is a paid add-on feature. Organization Administrators can contact Thrive Health at email@example.com for a sales conversation if this feature is of interest to your organization.
Once the MFA feature has been enabled by Thrive Health, the Organization Administrator will need to turn it on in the platform:
1. Log into the app.thrive.health organization administrator account
2. Click on System Configuration
3. Under Security, you can enforce Multi-Factor Authentication by selecting No or Yes
4. All users of the platform within the organization are now required to follow the MFA process