Browser not supported

Sorry, the InVision Help Center does not support Internet Explorer. Please download Microsoft Edge or another modern browser.


Two-factor authentication

Follow

Enterprise customers can enhance authentication security with two-factor authentication, including Google Authenticator, Microsoft Authenticator, Authy, or any other RFC 6328/RFC 4226-compliant multi-factor token.

To establish two-factor authentication as a requirement for your organization, an Enterprise admin must:

  1. Visit your Enterprise subdomain (e.g., https://your-subdomain.invisionapp.com) and sign in.
  2. In the main menu, click People.
  3. To the left of the pink button, click the ••• (more) icon and click Member Permissions.
  4. Under the Global heading, toggle the Require two-factor authentication for logins switch to the right.
  5. The admin will then need to turn on two-factor authentication for their own account, following the instructions in the "Setting Up Two-Factor Authentication" section below.

Once this setting is applied and at least one admin in the Enterprise has setup two-factor authentication, members of the Enterprise will receive an in-app notification that two-factor authentication is now enabled and members must update their authentication settings as well. The notification also includes a link to this Help Center article so they can read the set-up instructions. Access to the Enterprise proper will be restricted until two-factor authentication is confirmed.

Setting up two-factor authentication

There are two options for establishing two-factor authentication for your InVision Enterprise:

  • Authentication via SMS (short message service)
  • Authentication via Google Authentication or another approved authenticator
    Note: To provide a real-world example, the instructions below refer to Google Auth.

Two-Factor authentication via SMS

Important: If your organization or collaborators are located in a region that has SMS restrictions in place (for example, parts of India, France, and China), the sign-in process may be disrupted; therefore, we recommend using Google Authenticator or a similar app to establish two-factor authentication in such areas. To learn more, read this article: Limitations with SMS-based two-factor authentication (2FA) for InVision Enterprise

To enable two-factor authentication via SMS:

  1. Visit your Enterprise subdomain (e.g., https://your-subdomain.invisionapp.com).
  2. When prompted to enable two-factor authentication, click Let's Do This.
  3. Re-enter your InVision password and click Continue.
  4. Click Test Message, enter your mobile number, and then click Next.
  5. Enter the code you received via SMS.
  6. Click Finish.
    invision-2FA-SMS-auth.gif

Two-Factor authentication via the Google Authenticator App

  1. Visit your Enterprise subdomain (e.g., https://your-subdomain.invisionapp.com).
  2. When prompted to enable two-factor authentication, click Let's Do This.
  3. Re-enter your InVision password and click Continue.
  4. Click Google Authenticator.
    Note: You will also need to download the Google Authenticator app from the iOS App Store or Google Play Store.
  5. From your mobile device, open the app, click the + icon at the top-right corner of the app, and click Scan barcode at the bottom of the app.
  6. Scan the barcode on your computer screen.
  7. Click Next, and then enter the code the Google Authenticator app provided.invision-2FA-google-auth.gif

Once you’re successfully signed in, you’ll see a confirmation message as well as options to view your backup codes and change your authentication method.

Important: We strongly advise customers to jot down the Backup Codes at the end of the process and store them somewhere safe (not in your phone); this will be the only way to access the enterprise if a device is lost or phone number is changed. Each of these codes can be used once to sign in to the account, bypassing the need for an authentication device.

 

Frequently Asked Questions

What do I do if I've lost my device and don't have my backup codes?

Please have the Enterprise account admin contact Customer Support.

How do I generate more backup codes if I've used up my initial batch?

To generate more backup codes:

  1. Sign in to your account.
  2. At the top right, click your avatar and click View Profile.
  3. Click the Password tab.
  4. At the bottom of the screen, next to Two Factor Authentication is On, click Change.
  5. Re-enter your password and click Continue.
  6. To the right of the Backup codes heading, click View Codes.
  7. At the bottom of the Backup codes dialog, click Get New Codes.
    Note: New codes will be generated. Be sure to jot them down somewhere safe.
  8. Click Done (twice).

How do I disable two-factor authentication for my Enterprise company?

Only an admin can turn off two-factor authentication for an Enterprise company. The admin will need to navigate back to Member Permissions where two-factor authentication was enabled, and then toggle Require Two Factor Authentication back to OFF. 

Can I use two-factor authentication for the InVision iOS app, InVision Sync, Craft Sync, or other applications that integrate with InVision?

At this time, two-factor authentication is only supported in the main InVision application and Studio. Our InVision iOS app, InVision Sync app, and Craft plugins do not currently support it.

Can I require two-factor authentication for my share links?

At this time, share links are not subject to two-factor authentication.


Was this article helpful?

Still have a question?

Contact Us