Ci offers multi-factor authentication (also known as MFA and 2FA) to verify access to the user's Ci account.
You may set this up either by phone number, or by using any TOTP-compatible authenticator mobile app, such as Microsoft Authenticator or Duo Mobile.
To enable MFA, please navigate to your "Account Settings" by clicking your avatar in the bottom left corner.
Alternatively, if you are a part of a Workspace that requires MFA but you do not have it enabled, there will be a banner at the top of your Dashboard that will also have a direct link to turn on MFA.
Figure 1: From the Dashboard, navigate to your Account Settings
From there, navigate to 'Sign In & Security' and scroll down until you see the section titled 'Two-factor authentication', and then click 'Enable'.
Figure 2: Account Settings, then Sign In & Security
When you click on 'Enable', you will be greeted with the following pop up modal.
Figure 3: Set up authenticator app modal
From here, you can use your preferred authenticator mobile app to scan the QR code.
After your app has successfully registered with Ci, click the 'Next' button to see the following screen.
Figure 4: Verify your code modal
From your authenticator app, input the 6 digit code you see.
Successfully doing so will then move you to this screen where you can see randomly generated backup codes in case you are unable to use your authenticator app.
Figure 5: Two-factor recovery codes
Alternatively, you can also set up 2FA with your phone number by clicking on 'Set up with SMS instead' on the initial modal, and you will see the following screen instead.
Figure 6: Set up with SMS instead
After successfully putting in your phone number, you should receive a text message with a code that you will enter to complete setting up 2FA for your account. Recovery codes will also be made available after completing setup in case you are unable to receive text messages.
Updating Phone Number for MFA
In Account Settings, click "Sign in & Security".
Click "change phone number" (see the image below)
You can enter your current phone number, and then your new phone number to receive an authentication code.
After entering an authentication code sent to your new device, your phone number is updated.
Figure 7: TWO-FACTOR AUTHENTICATION page
Removing MFA
In Account Settings, click "Sign in & Security".
Click the trash icon on the right hand side and remove MFA.
Figure 8: Remove MFA from account
In case you do not have access to Ci due to a phone number change, please contact Support here.
Accessing Ci using MFA
Upon enabling MFA, when a user tries to log in to Ci after they insert their email and password and click "Login", they will be asked to provide an authentication code.
Depending on which method you used to set up MFA, you will be required to provide a code and you will see either of the following screens.
Figure 9: Authenticate via MFA mobile app
Figure 10: Authenticate via text message sent to phone number
The verification code via phone number is valid for 5 minutes. If it expires, the user will have to click the "Resend" button.
Please note, that some Company Networks require you to have 2FA enabled on your account in order to access any Workspaces within it. This may be reflected by a warning icon on the Workspace Icon, or a banner at the top of your dashboard.
Figure 11: Workspace Requires 2FA
Going to your 'Sign In & Security', you may also see a notification stating that x amount of Workspaces require 2FA to be turned on for your account.
Figure 12: User Sign In & Security, 2FA required to access a number of Workspaces
For any additional questions, please reach out to the Ci Customer Success Team by submitting a request here in the Help Center.