If a simple password doesn't seem safe enough, enabling Pipefy's Multi-factor authentication provides extra security to prevent your information from falling into the wrong hands.
This feature is available for Enterprise clients only.
What is multi-factor authentication?
Multi-factor authentication (MFA) is a method of confirming each user's identity using a combination of at least two different methods.
Pipefy currently supports several mobile phone apps to confirm your authentication independently beyond your username and password/sign-on token. To authenticate using MFA on Pipefy you'll use your personal password (secret) plus a one-time-valid, dynamic passcode. The code will be generated and sent to your mobile device via any of the supported authenticator apps below:
What type of multi-factor authentication do Pipefy offer?
Pipefy currently offers standard time-based OTP system. While there are several mobile apps to consume it and that's the recommended approach, it is compatible with keychain OTP generators or even Chrome extensions such as Authy.
How to activate multi-factor authentication
From the User settings screen, you should be able to activate MFA for your account and retrieve your recovery codes. To do so:
Access your user settings: Click on your profile picture in the upper right corner of the screen, then select account preferences.
Enable MFA: Inside My settings page, find the Multi-factor authentication section. Click on the switch button to enable it.
Undo this action by clicking on the switch button once again.
Be sure to store your recovery codes securely, for instance by using Print to generate a paper copy or a PDF to save them at a safe location. If you do not have these recovery codes, losing access to the app where you set up Pipefy for MFA will cause you to lose access to Pipefy as well!
Once this is done, log out to complete the multi-factor activation.
The next step is to scan the QR core in one of the apps we mentioned above.
It will provide a 6 digit code you'll type on the screen to connect Pipefy to it. Enter the code and click on the green button.
How to retrieve my account if I lost my device
If you're unable to login because you lost your device, use one of the exclusive recovery codes you generated and stored when you first activated MFA.
You should access the login page: https://app.pipefy.com/login then click on the 'Can't log in?' link between the password input box and the Log in button.
On the next screen, select the option Recover two-factor authentication code, and submit the e-mail associated with your Pipefy account.
You will receive an e-mail requesting to access a page where you will enter one of your valid recovery codes. You should also decide:
If you want to keep using MFA and only reset the current authentication app (you'll need to have your mobile device with you to complete the setup). If so leave the "Continue using MFA" checkbox checked,
If you want to disable MFA from your account entirely (you can always reactivate it later on in your User settings), uncheck that checkbox.
After this, you should be able to log in to your account as usual. You will want to make a note that the individual recovery code you used will no longer function and/or consider generating all-new recovery codes (see how below).
If you don't have the recovery codes with you or if you have lost them, please ask our support team for help via in-app chat or writing to firstname.lastname@example.org. We will never ask for your password or share your credentials during this process.
Join Pipefy's Community to share ideas and give feedback about our product.
Learn how to make the most out of our platform with Pipefy Academy’s free courses.