Security is a top priority, and Multi-Factor Authentication (MFA) is a powerful tool we use to protect admin access. If you're setting up a new administrative account, you may discover that MFA is automatically required, even for an account without an associated email address.
This is by design! MFA is a mandatory security measure for all admin roles. Here is the scenario and your recommended solutions for setting up your admin accounts securely.
The Scenario: Mandatory MFA for Admins Without Email
You are setting up a new administrative account (for a team or a specific user) that does not have a registered email address. You want to disable the Multi-Factor Authentication (MFA) requirement for this account, but the system is enforcing it. The system displays a message indicating that MFA is now required for all admins to access the academy.
Your Recommended Solutions
Because MFA is a requirement for all Admins, it cannot be disabled for any account with that role. However, if the admin account cannot receive MFA codes via email, there are excellent alternative methods you can use:
Solution 1: Use an Authentication App
If the user does not have an email address associated with their account, they can use an MFA app to generate a one-time code for login. This process is secure and does not rely on email.
The user can choose to set up an app like Google Authenticator or Authy to generate their one-time code.
Solution 2: Consider an Alternative Role
If the user cannot or will not use an authentication app, you can assign them a different role that still provides the necessary permissions without the mandatory MFA requirement.
Training Manager Role: You may want to consider giving them the 'Training Manager' role as an alternative. This role provides significant administrative capabilities without the MFA mandate of the full 'Admin' role.
Custom Role: If a specific set of permissions is needed, you can also set up a 'Custom Role' for them. This allows you to tailor the access precisely to their duties.
By utilizing an authentication app or an alternative role, you can ensure your team members have the access they need.
Related Articles
Multi-Factor Authentication (MFA)