Hi community! We’re looking to tighten up our portal security. I know we can enable MFA for our technicians, but I’m a bit confused about the different methods available. Is it better to use an app or just stick with Email/SMS? Also, how do I actually turn this on for my existing team?
12 Views
Replies (3)
Marked SolutionPending Review
Hexnode Expert
3 days ago
May 22, 2026
Marked SolutionPending Review
Hi @benjay! You’re absolutely right to prioritize this—the portal is the “keys to the kingdom,” so MFA is your best line of defense.
Hexnode supports three primary methods:
-
Authenticator App (TOTP): Using Google or Microsoft Authenticator. This is our highly recommended method as it’s the most secure against “SIM swapping.”
-
Email OTP: Uses the technician’s registered business email.
-
SMS OTP: Sends a code via text (requires you to configure your SMS gateway under Admin > SMS Settings first).
How to enable it:
-
Navigate to Admin > Technicians and Roles.
-
Click the More icon (…) next to a technician’s name and select Edit Technician.
-
Scroll to Two Factor Authentication, select your preferred mode, and hit Save.
Pro-tip: The moment you save this change, that technician will be forcefully logged out and must re-authenticate to set up their new MFA factor!
Marked SolutionPending Review
Participant
3 days ago
May 22, 2026
Marked SolutionPending Review
Thanks! If I choose the Authenticator App, what does the setup look like for the technician? Do I need to send them a manual link?
Marked SolutionPending Review
Hexnode Expert
3 days ago
May 22, 2026
Marked SolutionPending Review
Nope, it’s all handled automatically at the next login:
-
The technician enters their password as usual.
-
A QR Code will pop up on the login screen.
-
They scan that code with their app, enter the 6-digit verification code, and they’re in!
Just a heads-up: For Email and SMS, the codes are only valid for 3 minutes. If they miss that window or get the code wrong three times, they’ll need to request a fresh one.
Save
