Growlink Portal & App information
      Back to home
      1. Growlink Knowledge
      2. Growlink Portal & App information

      Multi-Factor Authentication (MFA)

      Multi-factor authentication (MFA) provides additional security when users sign into the Growlink Portal and Growlink Mobile App.

       

      Multi-Factor Authentication (MFA) adds an extra layer of security by requiring users to verify their identity using more than just a password. This additional step significantly reduces the risk of unauthorized access, even if your password is compromised.

      One of the most common forms of MFA is two-step verification, which typically relies on a second factor—such as a code sent via SMS or email—to confirm your identity. While both methods enhance security, they have key differences:

      • SMS-based verification: A one-time passcode (OTP) is sent via text message to your mobile phone. This method is widely used and convenient, but it can be vulnerable to SIM-swapping attacks and interception.
      • Email-based verification: A security code is sent to your registered email address. While this method avoids phone-related risks, it depends on the security of your email account, which itself should be protected by a strong password and MFA.

       

      Enabling SMS-based MFA

      To enable SMS-based Multi-Factor Authentication, open the main menu by clicking on your user icon, then click the "Security" option.




      In the Security Settings drawer, click the siwtch to the right of "Enable SMS Multi-Factor Authentication":


      Enter your phone number and click "Send Code". This will send a verification code as a text message to your phone number:


      You should receive a text message like this:

      Enter the security code and click "Submit". 
      (You can also get another code by clicking "Send code again")

      If the code is correct, you should see a success message confirming the verification was successful:



      Next time you log in, you will be required to enter an additional verification code via SMS if the system detects something suspicious.

      Enabling Email-based MFA

      To enable email-based verification, open the main menu by clicking on your user icon, then click the "Security" option:




      In the Security Settings drawer, click the switch to the right of "Enable SMS Multi-Factor Authentication":


      This will send a verification code to your email address.

      Enter the security code and click "Submit":

      If the code is correct, you should see a success message confirming the verification was successful:

      Next time you log in, you will be required to enter an additional verification code via email if the system detects something suspicious.



      Enabling Organization-wide MFA

      Using an organization admin account, you can also enable MFA across your entire organization of users.

      To do so,  click "Manage Users" in the settings menu.


      At the top left of the Users table, click the toggle next to "Require Multi-Factor Authentication":


      Click "Proceed". This will enable MFA across all the users in your organization.


      Next time your users log in, they will be required to enter an additional verification code via email if the system detects a suspicious login.

      In addition, Email MFA cannot be disabled by users in your organization within their own Security Preferences. If one of your users opens their Security Preferences, they will no longer be able to disable Email MFA because you have enabled it organization-wide: