Users have the option of adding an additional layer of security to their Shift account by enabling Multi-Factor Authentication (MFA). MFA links your account to a separate device, and uses an authenticator app (like Authy or Google Authenticator) to give you a six digit code that is valid for 30 seconds to confirm your credentials after completing a magic link login. (Additionally, Administrators in Shift can require users to authenticate using MFA.)
MFA in Shift is global across all workspaces, so that once it is set up, you have a single MFA token that works for all accounts/companies that have added you to their workspace, without needing to enter codes repeatedly.
To setup MFA in your Shift account, navigate to your User Profile and select the tab "Security." By default, MFA will be disabled and you will need to enable MFA by clicking the toggle next to Multi-Factor Authentication.
After you enable MFA in the Security tab of your Shift profile, you will be provided with a QR Code that you will need to scan with an authenticator app. We recommend users download either Google Authenticator or Authy on a secondary device to scan the QR code.
Once you download your authenticator app, either scan the QR code with the app or manually enter the Key into your authenticator app. Once this is complete, Shift will be added to your authenticator app and you will be provided with a temporary 6-digit code on your device that you will need to enter in your Shift account as shown above.
After you enter the 6-digit Code, click "Activate" to validate the code and complete the process of enabling MFA for your Shift account. You will then need to visit your authenticator app to retrieve your 6-digit code each time you log into your Shift account.
If you wish to disable MFA for your Shift account, log into your Shift account and navigate to the Security Settings page in your User Profile. Then click the toggle next to Multi-Factor Authentication to Disable MFA.
Once clicked, a Disable MFA modal will appear that will require you to enter the 6-digit verification code from your authenticator app to confirm the action. It will also inform you of any Shift Workspaces you will no longer have access to once you disable MFA.
Enter the 6-digit code from your authenticator app and click "Disable" to remove the MFA requirement from your Shift account.
When buying a new phone/trading in an old phone, it is important to know that your tokens are tied to the device and will not be transferred in a typical data migration.
Our team recommends using apps like Authy that can back up your tokens to the cloud. This way you can transfer your MFA codes across devices.
MediaSilo MFA Tokens
If you previously had MFA setup in MediaSilo, you will now be asked to setup MFA in Shift in order to access that same Workspace. Your MFA token for MediaSilo will not transfer over to Shift.
Screeners MFA Tokens
Shift has a shared MFA token with Screeners.com. If you are a user on Screeners who has set up MFA, your token will be valid to access Shift. If you enable it in either application, that token can be used in both.
If you use Single Sign-On to authenticate, it is not possible to enable MFA because you are restricted to the authentication rules set by your company's identity provider. If MFA is not enforced and you would like to add it, we recommend that you contact your administrator.