Multi-Factor Authentication (MFA)
Back to home
On this page
Multi-Factor Authentication (MFA) enhances security by protecting both your organization and every user account that interacts with it through SSH or the Platform.sh API.
When MFA is enforced within an organization, every project contributor must enable MFA on their user account so they can run Git commands, SSH into an environment, or trigger actions through the Platform.sh API.
Enable MFA on your user account
To access an organization that enforces MFA or any of its projects, you must enable MFA on your user account. Failure to do so results in forbidden access to the organization from the Console or API, and an error message when trying to SSH into its environments.
To enable MFA on your user account, follow these steps:
- In the Console, open the user menu (your name or profile picture).
- Click My profile
- Click Authentication settings.
- Follow the instructions for the chosen authentication app.
- Click Verify & save.
- Refresh your SSH credentials by running
platform login -f
in the CLI.
Enforce MFA within your organization
Tier availability
This feature is available for Elite and Enterprise customers. Compare the tiers on our pricing page, or contact our sales team for more information.
TO enable MFA within your organization, follow these steps:
- In the Console, open the organization dropdown menu on the leftmost navigation.
- In the exanded navigation on the right hand side, click Security. This will take you to the User security settings view.
- In the MFA required area, set the Enable toggle on.
Note
Under User security settings, you can view which users in your organization have activated MFA for their user accounts.
Send email reminders
You can send email reminders to users who haven’t enabled MFA on their user account yet. To do so, follow these steps:
- In the Console, open the organization dropdown menu on the leftmost navigation.
- In the exanded navigation on the right hand side, click Security. This will take you to the User security settings view.
- In the User security settings area, find the user you want to send a reminder to.
- Click More next to that user.
- Select Remind. An email is sent to the user with instructions on how to enable MFA on their user account.
Note
You can send reminders to multiple users at once. To do so, in the User security settings user list, select the desired users by checking the boxes in front of their names. Click Remind at the top of the list to trigger the reminder emails.