Multi-factor authentication (MFA) makes accessing your ActiveCampaign account more secure. Once enabled, you’ll need to use two identification methods to access your account. One is your username and password, and the other is a six-digit verification code. An authentication app can generate this code on your mobile device or via SMS.
Multi-factor authentication helps protect data in your ActiveCampaign account and can prevent logins from unauthorized individuals.
Take note
- Enabling multi-factor authentication for your login is not required, however, it is recommended
- If you choose an authentication app as your second factor, you must download an authenticator app to your mobile device. There are several different supported authentication apps to choose from
- If you choose SMS text message for multi-factor authentication, you will receive text message codes directly to your device
- You will need your mobile device to generate a verification code each time you wish to log into your ActiveCampaign account
- If you don't have access to your mobile device, we recommend storing your recovery codes on a separate device or offline. If you don't have your recovery codes, you can reset them in your ActiveCampaign account under Settings > Security > Reset Recovery Codes
- Once MFA is enabled for your account, it will be applied to the desktop version of ActiveCampaign, as well as the ActiveCampaign mobile app, Conversations mobile app, Chrome Extension, and Outlook Add-In.
How multi-factor authentication works with your ActiveCampaign account
Users in the Admin group can enable and disable MFA for individual users or the entire account.
All other account users (non-admins) can enable/disable MFA for their individual account login.
First-time login with MFA
Users need to use an authentication app on their mobile devices to scan a QR code that appears during the account login process. The QR code will appear after they submit their account username and password on the login page. Each account user will have their unique QR code to scan. This QR code only needs to be scanned during the initial setup.
After a user scans the QR code, their authentication app will generate a six-digit verification code that they will need to type into their login screen.
QR Scanner apps do not generate verification codes.
Once the verification code is submitted, users will gain access to their ActiveCampaign account.
In order for multi-factor authentication to take effect, users must log out of their ActiveCampaign account, then log back in.
If you disable then re-enable multi-factor authentication for your account login, you will need to rescan the QR code using the authentication app on your mobile device.
Set up account-wide multi-factor authentication
If you are an Account Admin, you can enforce account-wide multi-factor authentication. Once enabled, all account users must present a verification code along with their username and password to access their account.
Before you begin:
- Account users cannot modify MFA settings once account-wide MFA is set
- Only Account Admins can set account-wide MFA
- In order to set up an account-wide MFA, you must set it up for your account first. These steps are outlined below, along with how to set account-wide MFA
To get started:
- Click Settings > Security on the left menu.
- Two toggles will appear on the Security page. Click the "Set up for myself" toggle to set it to the "On" position.
- A modal will appear. Choose how you will receive your authentication code by clicking one of the options. You can choose to use an Authentication App or an SMS text message.
- Click the "Continue" button.
- Enter the verification code, then click the "Verify" button:
- Authentication app: If you select this method, we'll present you with a QR code on your screen. Open the authentication app on your mobile device and scan the OR code. The authentication app will generate a six-digit verification code. Type this code into the field provided. You only need to scan the QR code once.
- SMS: if you select this method, click the country dropdown, then click your country code. Next, type your phone number into the field provided. A six-digit verification code will be sent to you via text message. Type this code into the field provided.
- Click the "Verify" button.
- A modal will appear containing recovery codes. Copy these codes and store them in a safe place. Click the "Done" button.
- Click the "Enable for the entire account" toggle to set it to the "On" position.
- A modal window will appear. Click the "Continue" button.
Multi-factor authentication is now enforced for all users on your account. All users that do not have multi-factor authentication will be logged out.
In order for multi-factor authentication to take effect, users must log out of their ActiveCampaign account, then log back in.
Set up multi-factor authentication for individual account users
If you are an Account Admin, you can enforce MFA for individual users. This means that individual account users must present a verification code along with their username and password to access their account. This is an alternative to enforcing MFA for all account users.
Before you begin:
- Account users cannot modify MFA settings once an Admin sets MFA
- Only Account Admins can enforce MFA for individual account users
To get started:
1. Click Settings > Users and Groups.
2. Locate the user you wish to enable multi-factor authentication for, then click "Edit."
3. An "Edit User" modal will open. Locate the "Multi-Factor Authentication" toggle and set it to "On" by clicking it.
4. Click "Save."
The account user will have multi-factor authentication enabled for their login.
In order for multi-factor authentication to take effect, users must log out of their ActiveCampaign account, then log back in.
Set up multi-factor authentication for your account login
Any account user can enable MFA for their own login. Once enabled, you need to present a verification code, along with your username and password, to access your account.
To get started:
- Click Settings > Security on the left menu.
- Two toggles will appear on the Security page. Click the "Set up for myself" toggle to set it to the "On" position.
- A modal will appear. Choose how you will receive your authentication code by clicking one of the options. You can choose to use an Authentication App or an SMS text message.
- Click the "Continue" button.
- Enter the verification code, then click the "Verify" button:
- Authentication app: If you select this method, we'll present you with a QR code on your screen. Open the authentication app on your mobile device and scan the OR code. The authentication app will generate a six-digit verification code. Type this code into the field provided. You only need to scan the QR code once.
- SMS: if you select this method, click the country dropdown, then click your country code. Next, type your phone number into the field provided. A six-digit verification code will be sent to you via text message. Type this code into the field provided.
- Click the "Verify" button.
- A modal will appear containing recovery codes. Copy these codes and store them in a safe place.
- Click the "Done" button.
Supported authentication apps
You can use any of the following authentication apps on your mobile device to access your MFA-enabled ActiveCampaign account:
More information on multi-factor authentication
Log into your ActiveCampaign account with multi-factor authentication
How to turn off multi-factor authentication for your ActiveCampaign account
About multi-factor authentication recovery codes
How to update your profile preferences for multi-factor authentication