Skip to main content
InVision Support Home Page

Limitations with SMS-based two-factor authentication (2FA) for InVision Enterprise

If your Enterprise team has set up two-factor authentication (2FA) for InVision Cloud, using SMS as the delivery method will likely be problematic for any members of your team located in a country that heavily restricts automated SMS messages (e.g., India, China, or France). People in these areas may only receive SMS messages from InVision intermittently—or not at all. These limitations are due to local laws in the affected countries; therefore, InVision is unable to resolve the problem.

In such cases, we recommend using the Google Authenticator option rather than SMS. This method is reliable nearly anywhere, because it doesn't rely on SMS and instead uses a standard called TOTP (Time-based One-Time Passwords). Therefore, Google Authenticator and similar apps work well even if the device on which the authenticator app is installed is currently offline.

Though the InVision interface references Google Authenticator, any TOTP-compliant 2FA application should suffice, especially if Google Authenticator isn’t available as an option in your area. Alternatives include LastPass Authenticator, Authy, and others. InVision cannot recommend any particular solution, so we encourage you to work with your internal IT services personnel to identify the TOTP-compliant 2FA app that's best for your organization. You should then be able to click the Google Authenticator option in the InVision interface to enable 2FA for InVision using theTOTP-compliant 2FA app your IT team recommends.

Regardless of the 2FA method you select, please take care to save your backup codes when configuring 2FA for the first time. Should a member of your Enterprise run into trouble signing in after enabling your preferred 2FA method, they will need these backup codes to regain access to their InVision account.

Was this article helpful?

Still have a question?

Get help