Multi-Factor Authentication (MFA)

Multi-Factor Authentication (MFA) enhances security by protecting both your organization and every user account that interacts with it through SSH or the Upsun API.

When MFA is enforced within an organization, every project contributor must enable MFA on their user account so they can run Git commands, SSH into an environment, or trigger actions through the Upsun API.

Enable MFA on your user account

To access an organization that enforces MFA or any of its projects, you must enable MFA on your user account. Failure to do so results in forbidden access to the organization from the Console or API, and an error message when trying to SSH into its environments.

To enable MFA on your user account, follow these steps:

1. In the Console, open the user menu (your name or profile picture).
2. Click My profile
3. Click Security.
4. Click Set up application.
5. Follow the instructions for the chosen authentication app.
6. Click Verify & save.
7. Refresh your SSH credentials by running upsun login -f in the CLI.

Enforce MFA within your organization

To enable MFA within your organization, follow these steps:

1. In the Console, open the user menu (your name or profile picture).
2. Click Settings.
3. Click Security.
4. In the MFA required area, set the Enable toggle on.

Send email reminders

You can send email reminders to users who haven’t enabled MFA on their user account yet. To do so, follow these steps:

1. In the Console, open the user menu (your name or profile picture).
2. Click Settings.
3. Click Security.
4. In the User security settings area, find the user you want to send a reminder to.
5. Click More next to that user.
6. Select Remind.
   An email is sent to the user with instructions on how to enable MFA on their user account.