Last updated 23/01/2021
Two-factor authentication (2FA) is a login security option that makes it more difficult for cybercriminals to impersonate users and gain access to a Cin7 account.
With 2FA enabled, in addition to providing their user ID and password (factor one), users are required to enter an additional security code (factor two) when they log in to their Cin7 account. The additional security code is generated by a third-party authenticator app installed on users' phones or desktops, such as Google Authenticator, Microsoft Authenticator, or Authy. Unless otherwise noted, Cin7 customers have options to:
Note: Effective October 15, 2020, 2FA is mandatory for Cin7 customers that integrate with Xero. If you integrate Cin7 with Xero, 2FA will be automatically enabled and required for all users that log in to your Cin7 account.
Each user must configure 2FA when logging in for the first time after 2FA is enabled (see Configuring 2FA below for details on how to configure 2FA).
You can choose to require 2FA for all users that log in to your Cin7 account. To require 2FA for all users:
You can choose to require 2FA for certain users that log in to your account. To require 2FA for a specific user:
Non-Administrators can enable 2FA for their individual logins if it is not otherwise required by an Administrator. To enable 2FA individually:
Note: The ability to allow individual users to enable 2FA can be disabled by an Administrator.
Users must install and configure their third-party authenticator app (i.e., Google Authenticator) on their mobile device or desktop when logging in to Cin7 for the first time after 2FA is enabled.
When using 2FA for the first time:
If you do not currently have an authenticator app on your mobile device or desktop, one can easily be installed. Cin7 recommends Google Authenticator, but other third-party authenticators such as Authy and Microsoft Authenticator can be used. Check with your information technology (IT) team to see if your company already has a preferred third-party authentication app.
To set up a third-party authenticator app for your device:
If you misplace your original recovery codes, you can generate new recovery codes in Cin7. To do this:
Administrators can give users access to Cin7 if a user has lost their mobile device and/or recovery codes. To reset user access:
If you use a bookmark in your browser to navigate to the Cin7 login page, the bookmark link must be updated after 2FA has been configured.
Please ensure the bookmark is changed from https://auth.cin7.com/Account/Login to https://go.cin7.com/Cloud/.
By default, you will be prompted to enter an authenticator code each time you log in. The authenticator code is generated by the authenticator app, which has to be added in the Authenticator Code box each time you log in. However, by selecting the Trust this device checkbox on the login page when entering a code, you will not be prompted again for another 72 hours. If this checkbox is unchecked, you may be prompted for an authenticator code when you log out manually or log out due to no activity for 2 hours.
If your workplace prohibits personal mobile devices, you can use a desktop-based third party authenticator app, such as Authy, instead.