Skip to main content

Two-Factor Authentication (2FA)

Two-factor authentication (also known as 2FA) is a subset of multi-factor authentication. It allows your users to enable additional protection for their Files.com account by requiring a combination of two different factors to gain access to their Files.com account. Something they know (e.g. their password), and something they have (usually their smartphone, or hardware 2FA key management device).

2FA is an excellent way to improve your security profile and provide an added layer of protection to your data.

Limiting Allowed 2FA Methods

Site administrators may select which 2FA methods are available to their users. All methods are allowed by default, but if your security model doesn't allow SMS, for example, you can deactivate that method.

2FA and Single Sign-on

If Single Sign-On (SSO) is enabled for your users, you can still configure 2FA requirements within Files.com. In your SSO provider configuration under User Access & Security, you can set how 2FA applies to users provisioned through your identity provider. You can follow the site-wide 2FA policy, always require 2FA, or never require it for your SSO users. This controls whether users signing in through SSO are prompted to set up 2FA in Files.com and applies to users provisioned through SCIM or JIT provisioning. By setting this during SSO provisioning, you can automatically enforce 2FA requirements for your SSO users.

If your organization prefers to enforce 2FA through the identity provider, you can set it up directly within your SSO platform. Most providers support their own 2FA policies, allowing you to require multi-factor authentication before the user reaches Files.com. This setup can be used independently or in combination with 2FA settings configured in Files.com.

Mandating 2FA

Administrators with a Power or Premier plan have the option to mandate 2FA for their users. The mandate can be applied for all users, or can be limited to administrators only.

Users flagged as a Shared/Bot user are exempt from 2FA mandates.

Before an administrator turns on this setting, they need to have at least one 2FA method set up for their own user. This is a precaution to prevent the administrator from being locked out of the site. Refer to the Setting up 2FA section below for instructions on how to set up a 2FA method.

You can select whether to make 2FA required for All users, or Site Admins only. Once set, the applicable users will be required to set up and verify a 2FA method upon their next login before they are able to proceed using their account.

Removing the 2FA mandate, once it has been enabled, carries a 7 day waiting period as a security measure. After an administrator removes the 2FA requirement, users will not be able to remove their last 2FA method, and new users will still have to enable at least one 2FA method, until seven days have elapsed.

Exempting Individual Users From Mandate

Site administrators can configure individual user accounts to exempt them from the site-side two-factor authentication requirements.

Get Instant Access to Files.com

The button below will take you to our Free Trial signup page. Click on the white "Start My Free Trial" button, then fill out the short form on the next page. Your account will be activated instantly. You can dive in and start yourself or let us help. The choice is yours.

Start My Free Trial