Multi-Factor Authentication with Dialpad
    • 18 Sep 2024
    • 3 Minutes to read
    • Dark
      Light
    • PDF

    Multi-Factor Authentication with Dialpad

    • Dark
      Light
    • PDF

    Article summary

    Keeping users secure is a must! Multi-factor authentication (MFA) is a security protocol that reduces the possibility of fraud and compromised accounts by requiring users to authenticate their identity with multiple methods.

    Dialpad’s simple, yet highly effective MFA solution requires users to verify their identity through a code sent directly to their email.

    Let’s dive into the details.

    Who can use this feature

    Multi-factor authentication is available to all Dialpad users who are not using one of our SAML or SSO integrations.

    MFA is supported on Dialpad’s desktop, web, and mobile apps (Android & iOS).

    How multi-factor authentication works

    Once your Dialpad Company Admin has enabled multi-factor authentication (MFA), each time a Dialpad user signs in with their email and password, they’ll receive a one-time password (OTP) in their email.

    Once they’ve verified the OTP, they can log into Dialpad.

    When MFA is required for all users, users must complete MFA registration upon their next login to any Dialpad app or the Admin Portal.

    Set up is a breeze; there’s no need to configure emails individually, as our MFA service uses the email addresses associated with your user's Dialpad account.

    Turn on multi-factor authentication

    To turn on multi-factor authentication, head to your Dialpad Company Settings.

    Note

    You must be a Company Admin to turn on MFA.

    1. Select Authentication

    2. Select MFA

    3. Select Enforce email verification code company-wide

    4. Select Save Changes

    That’s it, MFA is now enabled for your account!

    Add MFA exception

    While unusual, sometimes a user might not have access to their email to receive the one-time-code. Not to worry, Company Admins can create exceptions that let specific users bypass the MFA process.

    To add an MFA exception, head to your Company Settings.

    1. Select Authentication

    2. Select MFA

    3. Navigate to Exception List

    4. Select Add User

    5. Enter the user’s name in the search bar

    6. Select Add user

    7. Select Save Changes

    The user(s) will now appear in the Exception List.

    Remove user from MFA Exception List

    Company Admins can remove users from the Exception List at any time.

    To remove a user from the MFA Exception List, head to your Company Settings.

    1. Select Authentication

    2. Select MFA

    3. Navigate to Exception List

    4. Beside the user you want to remove, select Remove

    Unlock a user

    If a user has locked themselves out by entering the incorrect one-time password 5 times, admins can manually unlock the user.

    To unlock a user, head to your Dialpad Admin Portal.

    1. Navigate to Office Settings

    2. Select Users

    3. Select Options beside the user

    4. Select Admin

    5. Select Unlock account access

    Frequently asked questions

    What if I enter the wrong verification code?

    Dialpad gives you 4 chances to enter the verification code.

    30 seconds after the first code is sent or four wrong attempts, the resend-code button will be enabled.

    After 5 incorrect entries, you’ll be locked out of your account for 20 minutes.

    What if I don’t have access to my email account?

    If you can’t access your email account to receive the verification code, contact your Company Admin to have them add your email to the exclusion list. Then, you’ll be able to log in without MFA.

    Can you send my code via SMS instead of email?

    Currently, Dialpad’s verification code is sent via email only. Stay tuned as we add more functionality, SMS passcodes are coming soon.

    Does the one-time-password expire?

    Yes. The one-time password code will expire in 10 minutes. Once expired, it can not be used to verify multi-factor authentication, and you’ll need to request a new code.

    Can I change the email address used to receive the code?

    No. The one-time password will be sent to the user's primary email registered at Dialpad.

    What if there is an outage with my email provider?

    If your email provider is experiencing an outage, you can turn off MFA so users can log in to Dialpad.

    To turn off MFA, go to your MFA settings, uncheck the box beside Enforce email verification code company-wide, then select Save changes.


    Was this article helpful?