How do I set up EventAir users with MFA/2FA (multi-factor/two-factor authentication), with a code to their phone or email?

Last Modified on 11/25/2024 3:11 am EST

  1. Go to Application Setup (from the event selection screen)

  2. Select Password Policy.




    (It will open up with a blank panel, and you need to click on “Password Policy” in the left-hand panel to see your current policy.)


  3. By default, your password policy will be set to PCI v3.0 Compliant. To add further security, select the “Extended PCI v3.0 Compliant” radio button.


  4. Now you have the option to:
    - Change the minimum password length
    - Enable the “must contain numbers” setting
    - Limit the re-use of previous passwords (set a number for how many can't be used)
    - Specify how often passwords must be changed. (Consider that overly-frequent password changes can frustrate users and lead them to using insecure workarounds such as notes on their desk.)


    How can a user update their password?

    Users of EventsAir (your team) are always able to update their email and reset their password by clicking on the Update User Account icon located in the top right corner of each screen in EventsAir (next to the Help icon).


    You also need to set parameters for locking out users for a specified period of time after too many unsuccessful attempts. This is to help prevent brute force attacks. For example, after 3 failed attempts at logging in, you could freeze the account for 30 minutes.

    Apply Password Policy to Online Accounts box - enables the same password policy settings to apply to contacts who register for your event.

  5. Tick the box for Two-Factor Authentication Required.

  6. Select a Delivery Method:

    You can specify just email (this will be sent via your normal email connection)
    If you specify Email or Text Message you need to choose your Text Message Gateway from the dropdown box.

    IMPORTANT: Before doing this, you must have SMS (Text) Gateway set up in your event. This is done in your event, under External Connections. You also need to have sufficient credits.

  7. Save your changes before closing.

    You can also set up MFA (Multi-factor authentication) using another system such as Azure Active Directory, and connecting to EventsAir via single sign-on (SSO). See the separate FAQ on this.

Related Articles

Was this article helpful?
Thank you for your feedback!
Copyright © EventsAir. All rights reserved.