To achieve more security the user can enable Multi-factor Authentication (MFA).
It’s up to the user whether he wants to opt for MFA or not. The user can activate or deactivate the MFA whenever he wants from the user profile management.
One MFA device gets automatically added right after the sign-up (with email/phone/SSO).
Users can add as many as devices he wants to support MFA after verification via SMS/email/authentication code. PWR Apps supports 3 types of devices:
Phone: The authentication code will be received over SMS
Email: The authentication code will be received over email
Authenticator: The user can log in after entering the authentication code generated on the authenticator app
If the MFA is enabled for the user. He will be redirected to the page after giving a valid username and password where the authentication code needs to enter and validated. Users can log in to the PWR Apps only if the authentication code is valid.
Users can update the Email and Phone number with one of the Emails and Phone numbers added as an MFA devices.