Multi-Factor Authentication (MFA) – Bynder Support

Don't put your Bynder account at risk and make use of multi-factor authentication (MFA), which is also known as two-factor authentication (2FA). This is an extra security layer added to the login process of portals that do not make use of single sign-on (SSO). Users with MFA enabled need to enter an additional security code besides their regular email and password. This security code is generated by an authenticator app on another device. In most cases this would be your smartphone. All MFA apps that support TOTP (Time-based One-Time Passwords) can be used.

As an admin you can enable 2FA for all permission profiles or only for specific ones. Alternatively, you can allow users to enable it themselves for their profiles if they think it's needed.

Select your portal role below to get all the relevant information you need about multi-factor authentication

I am an administrator

If your portal is not set up with single sign-on (SSO), we strongly advise to roll out multi-factor authentication portal-wide in order to secure the accounts of your users as much as possible.

How to reset MFA for a user?

Follow the instructions below to reset the MFA of a user.

Go to Settings > Users & rights > User Management.
Search for the user who needs a MFA reset and click the account.
Click the Reset button in the Multi-Factor Authentication section. The user can now login again without having to use MFA.
Click the Save button.

Note

Only users with a permission profile that has the Require MFA on login permission enabled, will need to reconfigure their MFA upon their first login after the MFA reset. Users with a profile for which this permission is not enabled, will not be required to re-enroll for MFA. They can re-enroll manually though by going to their account page.

How to disable MFA?

At what level do you want to disable MFA?

For specific permission profile(s)

MFA can be disabled for a permission profile by following the steps below.

Note

Disabling MFA on a user profile level only makes sure that new users with this profile are no longer required to set up MFA upon their first login. However, MFA will not be deactivated for all users, who have this profile and already set up MFA before.

Go to Settings > Users & rights > Permission Management.
Select the user profile for which you want to disable 2FA.
In the Users and permissions section, deselect the permission Require MFA on login.
Click the Save button to save the changes.

For a specific user

In order to disable MFA for a specific user, MFA needs to be temporarily disabled for the user profile of that user. Follow the instructions below.

Go to Settings > Users & rights > User Management.
Search for the user whose MFA needs to be reset.
Click on the account and check the user profile.
Go toSettings > Users & rights > Permission Management to verify your permissions.
Select the user profile for which MFA temporarily needs to be disabled.
In the Users and permissions section, deselect the permission Require MFA on login and click the Save button at the bottom of the page.
Go back to Settings > Users & rights > User Management and open the account of the user again.
Click the Reset button in the Multi-Factor Authentication section. The status of the MFA will now turn to disabled.
Go back to Settings > Users & rights > Permission Management.
Select the user profile for which MFA was switched off.
In the Users and permissions section, reselect the permission Require MFA on login and click the Save button at the bottom of the page to save the changes.

I am a user

How can I use Multi-Factor Authentication?

Make sure you have an authentication app installed on your smartphone. For example DuoSec App or Google Authenticator App. Any MFA app that supports TOTP (Time-based One-Time Passwords) can be used.
Make sure the time on your phone and computer is synced. Otherwise, the generated code might be faulty.
Log in to your portal.
Click your name in the (right) top corner of the screen and click Edit profile to go to your account settings.
In the Multi-Factor Authentication section, click Enable.

Note

If this section is not available MFA is not available for your account. Contact your portal administrator for more information.
Scan the QR code and enter the 6-digit code your app generates.
Click Enable. You will be redirected to your account page.
Click Save to finish the setup.

Next time you log in to your account, you will be asked to provide the authentication code to successfully log in to Bynder.

How to reset MFA?

Select your situation below.

I cannot login to the portal

If Multi-Factor Authentication is enabled and the device used for the second authentication factor is no longer accessible, logging in is no longer possible and you will not be able to reset your MFA yourself.

Contact your portal administrator when you no longer have access to your device used for MFA. The admin can help you resetting your MFA. Once your MFA is reset, you can bypass the additional authentication for one time. After your first login, you may be prompted with a screen to re-enroll a device for MFA before you can start using the portal again.