The Staff Portal (formerly CivicPlus Organizations) service supports Organization-level Two-Factor Authentication (2FA) to provide enhanced security for single sign-on. This industry-standard security convention requires users to use both their password and a secondary form (such as an Authenticator app) to prove their identity at sign-on, hence the term two-factor.
Important Notes
Once enabled, all users associated with your Organization will be prompted with instructions at their next sign-on (even users who have 2FA turned off on their individual accounts).
Before enabling, we recommend you review your list of Organization Users and add or remove any users as needed.
If a user is associated with multiple Organizations (City and County, for instance), 2FA will be required if either Organization chooses to enable it.
This setting only applies to Organizations that are not using a custom identity provider.
Who can use this feature?
Organization Owners
Instructions
Sign in to the Staff Portal
Navigate to Settings
Scroll down to the Security section and toggle on Force Two-Factor Authentication
Click Save
Once enabled, the next time users log in, they will be prompted to scan a QR code and set up the 2FA app of their choice
Users will also see a list of Recovery Codes for their account in case they ever lose access to the app. We highly recommend users save these codes.
Signing in will now require a time-based, one-time passcode every time a user logs in