Canopy

Admins can manage multi-factor authentication (MFA) requirements across their entire firm. This includes selecting a default MFA method for both internal team members and external client portal users. You can also reset login access for individual team members if needed.

___________________________________________________________

🧾 Required Plan, License, and Permissions

Admin-level access to Settings &gt; Security

Applicable to firms using Canopy clients using the Client Portal

- Admin-level access to Settings &gt; Security
- Applicable to firms using Canopy clients using the Client Portal

💡 Why does this matter to an accountant or admin?

Firm-wide MFA ensures secure access for both your internal team and clients. It protects sensitive tax and financial data and simplifies compliance with security best practices.

<a href="https://support.getcanopy.com/en/articles/11643236-how-do-i-manage-firm-wide-mfa-settings-for-team-members-and-clients#set-mfa-defaults-for-team-members-and-clients" target="_blank">Set MFA defaults for team members and clients</a>

<a href="https://support.getcanopy.com/en/articles/11643236-how-do-i-manage-firm-wide-mfa-settings-for-team-members-and-clients#reset-mfa-logins-for-team-members" target="_blank">Reset MFA logins for team members</a>

<a href="https://support.getcanopy.com/en/articles/11643236-how-do-i-manage-firm-wide-mfa-settings-for-team-members-and-clients#how-do-i-turn-on-permission-settings-for-managing-mfa-for-other-team-members" target="_blank">Turn on permission settings for managing MFA</a>

<a href="https://support.getcanopy.com/en/articles/11643236-how-do-i-manage-firm-wide-mfa-settings-for-team-members-and-clients#troubleshooting" target="_blank">Troubleshooting</a>

<a href="https://support.getcanopy.com/en/articles/11643236-how-do-i-manage-firm-wide-mfa-settings-for-team-members-and-clients#summary" target="_blank">Summary</a>

1. <a href="https://support.getcanopy.com/en/articles/11643236-how-do-i-manage-firm-wide-mfa-settings-for-team-members-and-clients#set-mfa-defaults-for-team-members-and-clients" target="_blank">Set MFA defaults for team members and clients</a>
2. <a href="https://support.getcanopy.com/en/articles/11643236-how-do-i-manage-firm-wide-mfa-settings-for-team-members-and-clients#reset-mfa-logins-for-team-members" target="_blank">Reset MFA logins for team members</a>
3. <a href="https://support.getcanopy.com/en/articles/11643236-how-do-i-manage-firm-wide-mfa-settings-for-team-members-and-clients#how-do-i-turn-on-permission-settings-for-managing-mfa-for-other-team-members" target="_blank">Turn on permission settings for managing MFA</a>
4. <a href="https://support.getcanopy.com/en/articles/11643236-how-do-i-manage-firm-wide-mfa-settings-for-team-members-and-clients#troubleshooting" target="_blank">Troubleshooting</a>
5. <a href="https://support.getcanopy.com/en/articles/11643236-how-do-i-manage-firm-wide-mfa-settings-for-team-members-and-clients#summary" target="_blank">Summary</a>

🔧 Set MFA defaults for team members and clients

Click your profile icon in the global navigation bar.

Select Settings &gt; Security.

Under Multi-factor Authentication, choose a method for team members.

Choose a method for client portal users.

Click Update MFA Settings to save your changes.

1. Click your profile icon in the global navigation bar.
2. Select Settings &gt; Security.
3. Under Multi-factor Authentication, choose a method for team members.
4. Choose a method for client portal users.
5. Click Update MFA Settings to save your changes.

If a team member is having trouble accessing their account or needs to reconfigure MFA:

From the Security settings page, click Manage MFA Logins.

Select one or more team members from the list.

This will trigger a reset of their MFA setup, allowing them to log in and reauthenticate.

Click the X in the upper-right corner to close the pop-up window.

1. From the Security settings page, click Manage MFA Logins.
2. Select one or more team members from the list.
3. Click the Reset Login arrow.
 This will trigger a reset of their MFA setup, allowing them to log in and reauthenticate.
4. Click the X in the upper-right corner to close the pop-up window.

🛡️ How do I turn on permission settings for other team members to manage MFA settings?

To allow other team members to manage MFA login resets, admins must enable the related permission within their permission set.

Go to Settings &gt; Access and Permissions.

Click the permission set you want to update.

Toggle Security Settings to on.

1. Click your profile icon in the global navigation bar.
2. Go to Settings &gt; Access and Permissions.
3. Click the permission set you want to update.
4. Scroll to the Settings section.
5. Toggle Security Settings to on.
6. Click Done to save your changes.

🔎 Tip: Not all users need access to MFA management. Only enable this setting for trusted roles who oversee team onboarding or IT support.

Team member didn't receive a reset prompt

After clicking Reset Login, team members should be prompted to set up MFA the next time they log in.

- Clear browser cookies and cache
- Confirm they’re using the Canopy web app (not a cached bookmark)
- Check that their email is correct in their user profile

- After clicking Reset Login, team members should be prompted to set up MFA the next time they log in.
- If they don’t see a prompt:
 - Clear browser cookies and cache
 - Confirm they’re using the Canopy web app (not a cached bookmark)
 - Check that their email is correct in their user profile

Only users with admin access can change MFA settings.

If the Update MFA Settings button is unavailable, verify your permission level.

- Only users with admin access can change MFA settings.
- If the Update MFA Settings button is unavailable, verify your permission level.

Clients will be prompted to set up MFA only during new logins after the setting is applied.

Ask the client to log out and sign back in.

- Confirm they have client portal access
- Double-check the email they’re using to log in
   

- Clients will be prompted to set up MFA only during new logins after the setting is applied.
- Ask the client to log out and sign back in.
- If the prompt still doesn’t appear:
 - Confirm they have client portal access
 - Double-check the email they’re using to log in

Canopy’s firm-wide MFA settings give admins centralized control over how team members and clients authenticate. You can enforce consistent security protocols, delegate access where needed, and resolve login issues quickly.

Contact Support or ask Penny, our AI Support Bot, for assistance.

How do I manage firm-wide MFA settings for team members and clients?

Status

Terms & Conditions

Release Notes

Privacy

Product Feedback

Google Data Use Disclosure

Client Portal Help

Webinars

Log In

Find answers and get help from Intercom Support and Community Experts

This site employs cookies and other technologies that we and our third party vendors use to monitor and record personal information about you and your interactions with the site (including content viewed, cursor movements, screen recordings, and chat contents) for the purposes described in our Cookie Policy. By continuing to visit our site, you agree to our {websiteTermsLink}, {privacyPolicyLink} and {cookiePolicyLink}.

This site uses cookies and similar technologies ("cookies") as strictly necessary for site operation. We and our partners also would like to set additional cookies to enable site performance analytics, functionality, advertising and social media features. See our {cookiePolicyLink} for details. You can change your cookie preferences in our Cookie Settings.

We use cookies to make our site work and also for analytics and advertising purposes. You can enable or disable optional cookies as desired. See our {cookiePolicyLink} for more details.

Advertising cookies are set by our advertising partners to collect information about your use of the site, our communications, and other online services over time and with different browsers and devices. They use this information to show you ads online that they think will interest you and measure the ads' performance. Social media cookies are set by social media platforms to enable you to share content on those platforms, and are capable of tracking information about your activity across other online services for use as described in their privacy policies.

These cookies enable the website to provide enhanced functionality and personalisation. They may be set by us or by third party providers whose services we have added to our pages. If you do not allow these cookies then some or all of these services may not function properly.

These cookies are necessary for the website to function and cannot be switched off in our systems.

These cookies allow us to count visits and traffic sources so we can measure and improve the performance of our site. They help us to know which pages are the most and least popular and see how visitors move around the site.

You have the right to opt out of the sale of your personal information. See our {cookiePolicyLink} for more details about how we use your data.

Your Privacy Choices

We use cookies to enhance your experience. You can customize your cookie preferences below. See our {cookiePolicyLink} for more details.

Cookie Settings

Link, Press control-option-right-arrow to exit

Empty Help Center

Uh oh. That page doesn’t exist.

Disappointed

Neutral

Smiley

Thinking...

Searching through sources...

Analyzing...

Tickets submitted through the messenger or by a support agent in your conversation will appear here.

How do I manage firm-wide MFA settings for team members and clients?

🧾 Required Plan, License, and Permissions

💡 Why does this matter to an accountant or admin?

📚 Table of Contents

🔧 Set MFA defaults for team members and clients

🔁 Reset MFA logins for team members

🛡️ How do I turn on permission settings for other team members to manage MFA settings?

🧩 Troubleshooting

Team member didn't receive a reset prompt

Can’t update MFA settings

Client wasn't prompted for MFA

✅ Summary

🆘 Need help?