Setting up Multi-Factor Authentication on your account Follow
To protect your event and attendee data, Splash requires Multi-Factor Authentication (MFA) set up for each Splash account. You’ll be required to use MFA every time you log in to Splash.
Benefits of MFA enhanced security
- MFA adds an extra layer of security beyond just your email and password, ensuring your event and attendee data is protected.
- Even if credentials are compromised, an additional verification method will be required.
Setting up MFA
After logging into Splash, you’ll enter the MFA setup flow.
There are three options available for setting up MFA:
Option 1: Push notification via Auth0 Guardian app
This method sends a notification to your device asking you to approve or reject the login attempt.
Option 2: One-time code via an Authenticator app
This method requires you to open your authenticator app, like Google authenticator, and enter the one-time passcode. Note that other authenticator apps are supported.
Option 3: One-time code via SMS
This method will trigger a one-time passcode via a text message to your phone number.
Save the recovery code
The final setup step is to save your recovery code. All MFA methods will also provide an option to enter your recovery code instead of using your enrolled method in the event of a lost device (or similar). However, these are single use codes. Once used, a new one will be generated for you to store somewhere safe in case you need it again.
Inactivity and login
If your account has been inactive for more than 90 days, you will need to follow our account verification flow.
- Go to your email and find the email from us with the verification code.
- Copy the verification code.
- Enter the verification code in Splash.
- Click Log in.
FAQs
What if I do not want to set up MFA?
We have a temporary option for you to skip MFA setup during enrollment. But we will be enforcing MFA for all users by the end of February 2025.
Will this apply to Host App logins?
Yes, this will also apply to Host App users on both iOS and Android.
How often will MFA be required?
MFA will be required every time you login to Splash.
What if we use the public APIs? Will API users need to authenticate?
MFA only applies to log ins to the Splash web version and Host App, not the public APIs. Public API users do not need to go through MFA.
Does this apply to SSO users?
No. SSO users will bypass MFA.
What is the recovery code for?
Your recovery code is used if the MFA method you previously set up is not accessible to you. It is very important that this recovery code is saved and accessible, should you run into issues with your MFA method.
What if I need to reset my MFA?
If you need to reset your MFA, you can reach out to our support team for assistance.
Will using the recovery code instead of my enrolled MFA method reset MFA?
No, on your next login, you will go through the same MFA method you enrolled in.
Can I enroll in more than one MFA method?
No, this is not supported at this time.
Do I need to enroll in MFA on sign up?
You do not need to enroll in MFA when you sign up for Splash; you just need to validate your email address. After you validate your email and login again, you will be asked to enroll in MFA. MFA takes place on any login action.
Does this apply to all account types?
Yes, this applies to all users of Splash, whether you have a free account or are a part of an organization.
I set up SMS messaging but the texts are sent from a sender named Cvent. Is this correct?
This is correct! Depending on the country you are in, the SMS verification can come from either of these senders:
- Cvent
- Event Text
- Splash
- [10-digit phone number]
Comments
0 comments
Please sign in to leave a comment.