2FA enforcement

2FA enforcement

Using 2FA protects from unauthorised access to a person's account and increases data security. 
Due to Xero requirements, ApprovalMax enforces 2FA for all users that access Xero-connected Organisations.

ApprovalMax is now offering two types of 2FA enforcement:
  1. Soft enforcement: every time a user reloads a webpage, they will be prompted to set up 2FA. An email notification with a reminder will be sent additionally on a weekly basis:
      
  2. Hard enforcement: every user action will redirect the user to the 2FA enforcement webpage. An email notification with a reminder will be sent on a daily basis:
Administrators can choose between the two enforcement types on the Organisation page:


2FA enforcement is turned on for all Xero-connected Organisations.

For Organisations that are not connected to Xero, the enforcement of 2FA is optional. 

Further information regarding the functionality and other available options will be disclosed at a later time.





    • Related Articles

    • Disclosure for Law Enforcement

      Under certain circumstances, ApprovalMax may be required to disclose your Personal Data if required to do so by law or in response to valid requests by public authorities (e.g. a court or a government agency). For questions related to information ...

    • 2FA: Frequently Asked Questions

      Question Answer What happens if I just don't enable 2FA? If it's Soft Enforcement, you'll see a pop-up prompting you to set up 2FA with every page refresh. However, you can skip it until the next refresh. If it’s Hard Enforcement, you'll be ...

    • Release 2023-07-05

      NEW 2FA enforcement is generally available for all Organisations 2FA allows to protect users from unauthorised access to their accounts. ApprovalMax is introducing two 2FA enforcement types: Soft enforcement: every time a user reloads the webpage, ...

    • Release 2023-05-25

      NEW 2FA enforcement is available for all Organisations under the private Beta. 2FA allows to protect a person from the unauthorised access to their account. ApprovalMax is introducing two 2FA enforcement types: Soft enforcement: Every time user ...

    • How to reset 2FA if I've lost/changed my device with the Authenticator application

      To reset 2FA in ApprovalMax if you've lost or changed your device with the Authenticator application, follow these steps: 1. Use the alternative 2FA option for verification: either the code sent to your alternative email address, or the backup codes ...