To strengthen the security of your account—and protect your clients’ data—we’re implementing an extra layer of protection: Multifactor Authentication (MFA). This simple, but powerful, step can significantly reduce the risk of common security threats:
- MFA prevents unauthorized access to your account, even if your password is stolen or compromised.
- This additional layer of security helps keep both your data and your clients’ information secure.
MFA will be required soon. Please ensure policies owned by former and/or inactive agents are transitioned to an alternate Agent of Record in advance.
How to set up MFA
Upon signing into the Portal with your username and password, you will be prompted to enter a one-time verification code. Obtain this code using one of the following options:
- Mobile authenticator app such as Okta, Google Authenticator, or Microsoft Authenticator
- Text message (SMS) sent to your registered phone number
- Push notification sent through Auth0 Guardian
What to expect after setup
Once you’ve set up MFA, you will only need to verify your identity every 30 days with regular activity. If you are inactive for more than one week, you may be prompted to re-verify your account sooner.
If you lose access to your MFA method, contact our Support Team, and we can help you reset it.
!! To keep your account and data secure, each person must use their own credentials. If any policies are still listed under former agents, remember to AOR those policies to an active employee and make sure each person has their own account.
Frequently Asked Questions
How often will I be required to authenticate with MFA?
Provided you selected “Remember this device for 30 days” and are active in the Portal on a weekly basis, you will only be required to log in with MFA every 30 days.
Which countries are supported for SMS?
Openly currently supports phone numbers in the US, Canada, India, and the Philippines. If an unsupported country code is used, text messages will not be delivered. If you used an unsupported country code, please contact Openly Support to reset your MFA-enrolled phone number.
What options do I have if I use a shared account?
For security purposes, we highly discourage using a shared account. If you’re using a shared account to issue policies on behalf of another agent, please view this Openly Help article on how you can change the agent of record before and after binding. Contact your Agency Administrator to obtain a new user account.
What if I do not want to use a mobile device for MFA?
There are several options for enabling MFA without the use of a mobile device:
- Some desktop password manager applications, such as 1Password, can function as an “authenticator app.”
- A variety of authenticator apps are available for both desktop and mobile devices. Zoho OneAuth is an option, supported on Windows, Mac, iOS, and Android.