Civillo Documentation

# MFA (Multi-Factor Authentication) setup guide

WARNING

MFA is not available to accounts for which access is restricted to single sign-on. In this case, your identity provider will provide the MFA functionality.

Keeping your account secure is crucial, and enabling Multi-Factor Authentication (MFA) with Time-Based One-Time Passwords (TOTP) provides an extra layer of defense. TOTP works by generating temporary codes on an authentication app, ensuring that only you can log in—even if your password is compromised. Unlike SMS-based authentication, TOTP codes are not transmitted over the network, making them more resistant to phishing and interception attacks.

Setting up MFA with TOTP is quick and significantly strengthens your account security. Enabling it helps safeguard your information and reduce the risk of unauthorized access.

Some examples of authenticator apps that can be used for TOTP MFA are:

  • Google Authenticator
  • Microsoft Authenticator
  • Authy
  • 1Password
  • FreeOTP
  • Bitwarden

# Enabling MFA on your Civillo account

You enable MFA from your user profile.

  1. When signed in, in the upper-right corner, click your user name and then click the Profile button. You can also follow this link (opens new window).

  2. Navigate to the section titled Multi-factor authentication.

  3. Change the Type to TOTP and click Enable.

  4. A dialog will appear prompting you to verify your email address.

  5. Click Continue to receive a 6 digit verification code by email.

  6. Check your email inbox and locate the message containing the verification code.

  7. Enter the verification code into the dialog and click Continue.

  8. After your email is verified, a new dialog will appear containing a QR code.

  9. Open the authenticator app of your choice and navigate to where you add a new entry (this will depend on the specific app you use).

  10. Using the app, scan the QR code. When detected, the entry should be added to your app automatically and it should start generating time codes.

  11. Enter the code shown in the app into the confirmation code entry in the dialog in Civillo and click Confirm.

  12. You should get a Success message. MFA is now enabled for your account.

After having enabled MFA, when entering your username and password, you will be required to enter the TOTP code from your authenticator app. Do not lose it otherwise you will need to contact Civillo support to regain access to your account.

# Disabling MFA on your Civillo account

Disabling MFA can be useful when you want to remove or change your authenticator app. We advise against disabling MFA for convenience reasons.

  1. When signed in, in the upper-right corner, click your user name and then click the Profile button. You can also follow this link (opens new window).

  2. Navigate to the section titled Multi-factor authentication.

  3. Click Disable.

  4. A dialog will show for you to enter a TOTP code. Enter the TOTP code from your existing authenticator app and click Confirm.

  5. You should get a Success message. MFA is now disabled for your account.

Last Updated: 27/02/2026

Supported devices