Two-factor authentication (2FA)
How two-factor authentication works in Fundraise Up.
Two-factor authentication adds an extra layer of security to your Fundraise Up accounts. By requiring a second form of verification, 2FA ensures that your account and supporter information is protected from unauthorized access.
Fundraise Up supports 2FA via SMS and authenticator applications. When 2FA is enabled for a user, it means that in order to log in to their account, they must enter either a code sent to their mobile device via SMS or a code generated in an authenticator application of their choice.
Making 2FA required for all users
2FA can be enabled for individual users or required for all users by an Organization Administrator. To require 2FA for all users, an Organization Administrator must first enable 2FA for their own account. Once this step is complete, 2FA can be made mandatory from the Security page of the account settings page. To do this, click the Make 2FA required button in the Two-factor authentication (2FA) section of the page.
When you make 2FA mandatory, all users who don't have 2FA set up will be automatically logged out of their Fundraise Up account. In order to log back in, they will need to set up 2FA using their preferred verification method.
Resetting 2FA
If necessary, you can reset 2FA for user accounts by selecting the Reset 2FA option in the three-dot menu next to each user listed on the Team page. If 2FA is optional in your organization, this will simply remove 2FA from that account. If 2FA is required for all users in your organization, the user whose 2FA is reset will be automatically logged out of their Fundraise Up account and will need to re-enable 2FA in order to log back in.
2FA and SSO
For accounts with SSO Required:
- Regardless of your organization’s 2FA requirement status, the setting is marked as Not applicable under account settings. You cannot change it unless you switch to another SSO mode.
- Changing the SSO mode from Required to Optional or Off reverts the 2FA status to its previous state.
- With SSO Required, 2FA is not requested at login, even if 2FA Enabled is set in the user’s profile settings.
For accounts with SSO Optional:
- 2FA is requested on login if 2FA Enabled in the user’s profile settings or 2FA Required for the account.
- 2FA settings are at the discretion of users; any organization member can enable 2FA for themselves, and administrators can require 2FA for all account members.