Manage MFA for individual users
In this article:
Learn how to enable, disable, or check the MFA status for an individual non-SSO user in Logiqc.
When organisation-wide MFA enforcement is not turned on, you can control MFA on a per-user basis. This lets you roll out MFA gradually, or enable it for specific users before enforcing it across the whole organisation.
Use per-user MFA controls when your organisation has not turned on MFA enforcement, but you want to enable or disable MFA for specific accounts.
If your organisation has turned on MFA enforcement, the per-user toggle is locked on for all non-SSO accounts. You can still use Reset MFA to help a user who is locked out. See Reset a user's MFA.
Q: Can I disable MFA for a user if organisation-wide enforcement is on?
A: No. When enforcement is on, the per-user MFA toggle is locked to enabled. To disable MFA for an individual user, organisation-wide enforcement must be off.
Q: Does this apply to SSO users?
A: No. SSO users authenticate through Microsoft Entra ID. MFA controls in Logiqc only apply to non-SSO accounts.
Q: What if a user has lost access to their authenticator app?
A: Use the Reset MFA button on their account. See Reset a user's MFA for steps.
Before you start
Check the following:
- You have administrator access to user administration in Logiqc.
- The user has a non-SSO account - they sign in with a username and password, not through SSO.
- Organisation-wide MFA enforcement is off if you need to enable or disable MFA for an individual user.
Step 1: Go to Admin mode
From your Account menu, select Admin mode, then select Users from the Administration panel.
Navigation pathLocated in the top right corner of the screen. Click the ⋮ icon and select Admin mode.
Once in Admin mode, select Users from the Administration panel on the left-hand side.
Use this screen to find the user account you need to manage.
Step 2: Open the user's account
Find the user whose MFA settings you need to manage, then select their name to open their account.
Step 3: Enable or disable MFA for the user
To enable MFA: select the Multi-Factor Authentication toggle to turn it on. The user will be prompted to set up MFA at their next sign-in. They'll need an authenticator app on their mobile device.
To disable MFA: select the Multi-Factor Authentication toggle to turn it off. The user will no longer be required to enter a one-time code when signing in.
What happens next
The change takes effect at the user's next sign-in.
If you enabled MFA
The user will be taken through MFA setup at their next sign-in. Let them know in advance so they have an authenticator app ready.
If you disabled MFA
The user's next sign-in will only require their username and password. No authenticator code will be needed.
If a user loses access to their authenticator app
Use the Reset MFA button to clear their setup and prompt them to enrol again at their next sign-in.
To keep going, see: