Recruit CRM

Two-factor authentication (2FA) or multi-factor authentication (MFA) is a way of enhancing the security of your Recruit CRM account beyond your standard login credentials. 

How does Two Factor Authentication work? 

___________________________________________________________

1. The first step to set up the 2FA/MFA is to visit the <a href="" rel="nofollow noopener noreferrer" target="_blank">Security tab</a> on your <a href="https://app.recruitcrm.io/v1/user/profile" rel="nofollow noopener noreferrer" target="_blank">Profile Settings</a> and turn the toggle on.

​2. The system will immediately open a pop-up with a QR Code to set up the authentication process. You can either:

Download an authenticator app like Authy, Google Authenticator, 1Password, or Microsoft Authenticator from your mobile app store and scan the QR code.

Manually enter the given code into the authenticator app.  

- Download an authenticator app like Authy, Google Authenticator, 1Password, or Microsoft Authenticator from your mobile app store and scan the QR code.
   
- Manually enter the given code into the authenticator app.  

3. Once you connect your Recruit CRM account to the security or authentication app, you'll get a one-time verification code whenever you need it. 

4. Insert the 6-digit code and select the "Enable Two Factor Authenticator" option. ​

5. You will then need to sign out of your account and log in again to set up the Two-Factor Authentication.  Enter both your password and a security code from your authenticator app to sign in to your account.

How to enforce 2 Factor Authentication to all users 

Users with permission to<a href="https://app.recruitcrm.io/v1/account-management" rel="nofollow noopener noreferrer" target="_blank"> Account settings</a> can enforce 2FA to all users and enhance security across the organization.

1. Go to <a href="https://app.recruitcrm.io/v1/account-management" rel="nofollow noopener noreferrer" target="_blank">Account</a> on the <a href="https://app.recruitcrm.io/v1/admin-settings" rel="nofollow noopener noreferrer" target="_blank">Admin Settings</a> to enforce the Two-Factor Authentication. You will get the option to make it required for all account users or to exclude specific users. ​

​If you choose to exclude specific users, you'll get a list with all the current teammates in your account and can unselect the ones you don't wish to exclude. ​

2. After enforcing the Two-Factor Authentication, users will get an email to configure it and will have the option to set it up during their next login in Recruit CRM. ​

🚫 How to disable Two-Factor Authentication

If 2FA is not mandatory in your account, you can disable it on your <a href="" rel="nofollow noopener noreferrer" target="_blank">Profile Settings</a> by entering your Recruit CRM password. ​

In case a user is locked out of their account and 2FA is enforced, anyone with access to <a href="http://In%20case%20a%20user%20is%20locked%20out%20of%20their%20account%20and%202FA%20is%20enforced,%20any%20user%20with%20User%20Management%20can%20disable%20the%202FA%20option%20and%20allow%20the%20teammate%20to%20login%20into%20Recruit%20CRM." rel="nofollow noopener noreferrer" target="_blank">User Management</a> settings can disable the 2FA option and allow the teammate to log into Recruit CRM. ​

You can quickly identify the Two-Factor Authentication status by checking the column. There are three possible statuses:

- If 2FA is not mandatory in your account, you can disable it on your <a href="" rel="nofollow noopener noreferrer" target="_blank">Profile Settings</a> by entering your Recruit CRM password. ​
 
 
- In case a user is locked out of their account and 2FA is enforced, anyone with access to <a href="http://In%20case%20a%20user%20is%20locked%20out%20of%20their%20account%20and%202FA%20is%20enforced,%20any%20user%20with%20User%20Management%20can%20disable%20the%202FA%20option%20and%20allow%20the%20teammate%20to%20login%20into%20Recruit%20CRM." rel="nofollow noopener noreferrer" target="_blank">User Management</a> settings can disable the 2FA option and allow the teammate to log into Recruit CRM. ​
 
 
- You can quickly identify the Two-Factor Authentication status by checking the column. There are three possible statuses:

Enabling MFA will disable <a href="https://help.recruitcrm.io/en/articles/9163386-single-sign-on-sso-integration">SSO</a> if that is enabled on the account.

Add an additional layer of protection beyond the standard username and password.

Disabled	2FA is not enabled by the user
Enabled	2FA was enabled by the user
Enforced	2FA is mandatory for that specific user