Why do I need to set up Two-factor authentication?

To enhance security, your firm requires you to set up two-factor authentication for your Silverfin account. Two-factor authentication won’t be enabled for users who already use SSO.



How can I set up Two-factor authentication for my firm?

Once enabled at the firm level by your admin, each user will get a notification when logging in to set up two-factor authentication. You can skip it once but will be required to set it up the next time you login. 



Once two-factor authentication has been set up, you will be prompted for your verification code again after 30 days.


Who will need to login with two-factor authentication?

All the users in your firm (including external users) will be required to set up two-factor authentication. Only users who already use SSO would be excluded. 



Which apps can I use to set up Two-factor-authentication?

Here are a few options third party authentication apps you can use to set up Two-factor authentication:

  1. Google Authenticator for IOS or Android (mobile app)

  2. WinAuth (desktop app) 


What if I don’t want to use two-factor authentication anymore?

An admin can disable the feature at firm level. However, each user who has in the meantime already set it up, will still need to login with two-factor authentication. You can contact support to see if two-factor authentication can be removed for this user.


A user still needs to login with two-factor authentication. Why is that? 

It could be that a user still needs to login with two-factor authentication, despite that two-factor authentication has been disabled at firm level. The two-factor authentication is linked to the email address of the user.


There could be two reasons  why the user still needs to login with two-factor authentication: 

  1. The user is required to set up two-factor authentication by another firm. 

  2. The user has set up two-factor authentication when it was enabled for your firm. 


You can contact support to ask why a certain user needs to login with two-factor authentication. We can only remove two-factor authentication if that user is not required to login with two-factor authentication by another firm.


A user gets an error message when trying to login via two-factor authentication. How can I help?


Admin users have the ability to reset the two-factor authentication for other users. This will send a new qr-code to the user, enabling them to set up their 2FA app again.


Admin users can do this by going to the user's profile at firm level and clicking on the button 'reset authentication':