Topic
This article answers frequently asked questions about using multi-factor authentication in NinjaOne.
Environment
- NinjaOne platform
- Security
Questions
- I encountered a "human verification error" when logging in. What should I do?
- How does NinjaOne determine the default authentication method?
- One of the users in my NinjaOne environment no longer has access to their MFA authentication method(s). Can I reset MFA for them?
- Does NinjaOne support hardware-based keys?
- I use Authenticator App (time-based) MFA only, and I no longer have access to the device I use to authenticate. There are also no other system administrators in my NinjaOne environment. How can I get back into my account?
- I use SMS-based MFA only, and I no longer have access to the phone number associated with my NinjaOne user. There are also no other system administrators in my NinjaOne environment. How can I get back into my account?
- I lost my FIDO security key. How can I access my account?
- Can I force other users in my NinjaOne environment to set up MFA for their accounts?
- Can MFA be disabled for a user or account?
- What is the timeout duration for MFA codes?
- Do all web browsers fully support MFA?
- Is Apple "Passwords" supported by NinjaOne as an MFA app?
I encountered a "human verification error" when logging in. What should I do?
Perform a password reset to resolve this error.
How does NinjaOne determine the default authentication method?
The default authentication method is determined by which method was used to sign in most recently.
To set a default method, sign in using the method you want to become default. The next time you sign in, NinjaOne will automatically prompt the most recently used 2FA method. If you add a new authentication method, this will become default until you manually select another method upon sign in.
One of the users in my NinjaOne environment no longer has access to their MFA authentication method(s). Can I reset MFA for them?
System administrators are able to reset MFA for other users in their NinjaOne environment. To do this, navigate to Configuration > Users, and click Reset > Reset MFA for the user whose MFA you'd like reset. The user will then be prompted to set up MFA again upon their next login.
Does NinjaOne support hardware-based keys?
Yes. For instructions on how to add hardware-based keys, click here.
I use Authenticator App (time-based) MFA only, and I no longer have access to the device I use to authenticate. There are also no other system administrators in my NinjaOne environment. How can I get back into my account?
If you saved the numerical key listed below the barcode when you originally set up time-based MFA, you may use this key to set up MFA using a new device. If you do not have access to this key, please contact NinjaOne Support.
I use SMS-based MFA only, and I no longer have access to the phone number associated with my NinjaOne user. There are also no other system administrators in my NinjaOne environment. How can I get back into my account?
Please contact NinjaOne Support.
I lost my FIDO security key. How can I access my account?
Upon attempting to log in, select a primary method of authentication (Authenticator App or SMS) from the drop-list. You can then delete your FIDO key under your user settings.
Can I force other users in my NinjaOne environment to set up MFA for their accounts?
All NinjaOne users are required to set up and use MFA by default.
Can MFA be disabled for a user or account?
No. MFA is required for all NinjaOne user accounts and cannot be disabled.
What is the timeout duration for MFA codes?
For app-based MFA, the timeout is dependent upon the specific authenticator app that you use. For SMS-based MFA, the timeout is between 3 and 6 minutes.
Do all web browsers fully support MFA?
No. Refer to the following compatibility chart:
Is Apple "Passwords" supported by NinjaOne as an MFA app?
Yes, but for Apple devices with iOS 18 version only. Lower iOS versions are not currently supported.