We’re happy to now offer our Enterprise customers the opportunity to enhance authentication security with two-factor authentication, including Google Authenticator, Microsoft Authenticator, Authy, or any other RFC 6328/RFC 4226-compliant multi-factor token.
In order for two-factor authentication to be required, an Enterprise admin must log in and go to the People tab. Then click the ... icon, and Member Permissions. Finally, go to the Enterprise Settings menu, and slide the toggle to Require Two-factor authentication for everyone. Then they will need to turn on two-factor authentication for their own account.
Once this setting is applied and at least one admin in the Enterprise has setup two-factor authentication, members of the Enterprise will receive an in-app notification that two-factor authentication is now enabled, and that they should set it up immediately for their account with a link to the help page/instructions for doing so. Access to the enterprise proper will be restricted until two-factor authentication is confirmed.
To set up two-factor authentication:
- Visit your Enterprise subdomain.
- You’ll be prompted to enable two-factor authentication. Click Enable.
- Re-enter your InVision password and click Continue.
- Choose whether you’d like to receive your authentication codes via SMS or the Google Authenticator mobile app.
Enabling two-factor authentication via SMS
5. Click SMS, enter your mobile number, then click Next.
6. Enter the authentication code you received via SMS. Then click Finish.
Enabling two-factor authentication via the Google Authenticator App
- Click Google Authenticator, then download the Google Authenticator app on your iOS or Android device.
- From your mobile device, open the app, click the + sign at the top right corner of the app, then click Scan barcode at the bottom of your screen.
- Scan the barcode on your computer screen.
- Click Next then enter the code provided by the app.
Once you’re successfully logged in, you’ll see a confirmation message, as well as options to view your backup codes and change your authentication method.
Important: We strongly advise customers to jot down the Backup Codes at the end of the process and store them somewhere safe (not in your phone); this will be the only way to access the enterprise if a device is lost or phone number is changed. Each of these codes can be used once to log into the account, bypassing the need for an authentication device.
Frequently Asked Questions
What do I do if I've lost my device and don't have my backup codes?
Please have the Enterprise account admin contact Customer Support.
How do I generate more backup codes if I've used up my initial batch?
To generate more backup codes:
- Log in to your account.
- Hover over your avatar at the top right and click View Profile.
- Click Password from the top menu.
- Click Change at the bottom of the screen next to Two Factor Authentication is On.
- Re-enter your password and click Continue.
- Click View Codes.
- Click Get New Codes. New codes will be generated- be sure to jot them down somewhere safe. Click Done.
How do I disable two-factor authentication for my Enterprise company?
Only an admin can turn off two-factor authentication for an Enterprise company. The admin will need to navigate back to Member Permissions where two-factor authentication was enabled, then turn Require Two Factor Authentication back to OFF.
Can I use two-factor authentication for the InVision iOS app, InVision Sync, Craft Sync, or other applications that integrate with InVision?
At this time, two-factor authentication is only supported in the main InVision application. Our InVision iOS app and our InVision Sync and Craft Sync apps don't support it at this time.
Can I require two-factor authentication for my share links?
At this time, share links are not subject to two-factor authentication.