Today we're shipping multi-factor authentication (MFA) for the Knock dashboard. MFA gives your team an extra layer of protection for the workflows, API keys, and customer data you manage in Knock.
After signing in with email or Google, Knock will prompt users for a one-time code from an authenticator app before granting access.
Members can individually enroll from profile settings, or account owners and admins can require MFA for everyone on the account. To prevent user lockouts, Knock generates backup codes at enrollment and supports admin resets.
Note: MFA applies to dashboard login only. API keys, service tokens, and other machine-to-machine credentials are not affected.
Multi-factor authentication is available today for all Knock customers. Read more in our documentation.
