Decube
Try for free
  • 🚀Overview
    • Welcome to decube
    • Getting started
      • How to connect data sources
    • Security and Compliance
    • Data Policy
    • Changelog
    • Public Roadmap
  • Support
  • 🔌Data Warehouses
    • Snowflake
    • Redshift
    • Google Bigquery
    • Databricks
    • Azure Synapse
  • 🔌Relational Databases
    • PostgreSQL
    • MySQL
    • SingleStore
    • Microsoft SQL Server
    • Oracle
  • 🔌Transformation Tools
    • dbt (Cloud Version)
    • dbt Core
    • Fivetran
    • Airflow
    • AWS Glue
    • Azure Data Factory
    • Apache Spark
      • Apache Spark in Azure Synapse
    • OpenLineage (BETA)
    • Additional configurations
  • 🔌Business Intelligence
    • Tableau
    • Looker
    • PowerBI
  • 🔌Data Lake
    • AWS S3
    • Azure Data Lake Storage (ADLS)
      • Azure Function for Metadata
    • Google Cloud Storage (GCS)
  • 🔌Ticketing and Collaboration
    • ServiceNow
    • Jira
  • 🔒Security and Connectivity
    • Enabling VPC Access
    • IP Whitelisting
    • SSH Tunneling
    • AWS Identities
  • ✅Data Quality
    • Incidents Overview
    • Incident model feedback
    • Enable asset monitoring
    • Available Monitor Types
    • Available Monitor Modes
    • Catalog: Add/Modify Monitor
    • Set Up Freshness & Volume Monitors
    • Set Up Field Health Monitors
    • Set Up Custom SQL Monitors
    • Grouped-by Monitors
    • Modify Schema Drift Monitors
    • Modify Job Failure Monitors (Data Job)
    • Custom Scheduling For Monitors
    • Config Settings
  • 📖Catalog
    • Overview of Asset Types
    • Assets Catalog
    • Asset Overview
    • Automated Lineage
      • Lineage Relationship
      • Supported Data Sources and Lineage Types
    • Add lineage relationships manually
    • Add tags and classifications to fields
    • Field Statistcs
    • Preview sample data
  • 📚Glossary
    • Glossary, Category and Terms
    • Adding a new glossary
    • Adding Terms and Linked Assets
  • Moving Terms to Glossary/Category
  • AI Copilot
    • Copilot's Autocomplete
  • 🤝Collaboration
    • Ask Questions
    • Rate an asset
  • 🌐Data Mesh [BETA]
    • Overview on Data Mesh [BETA]
    • Creating and Managing Domains/Sub-domains
    • Adding members to Domain/Sub-domain
    • Linking Entities to Domains/Sub-domains
    • Adding Data Products to Domains/Subdomains
    • Creating a draft Data Asset
    • Adding a Data Contract - Default Settings
    • Adding a Data Contract - Freshness Test
    • Adding a Data Contract - Column Tests
    • Publishing the Data Asset
  • 🏛️Governance
    • Governance module
    • Classification Policies
    • Auto-classify data assets
  • ☑️Approval Workflow
    • What are Change Requests?
    • Initiate a change request
    • What are Access Requests?
    • Initiate an Access Request
  • 📑Data reconciliation
    • Adding a new recon
    • Understand your recon results
    • Supported sources for Recon
  • 📋Reports
    • Overview of Reports
    • Supported sources for Reports
    • Asset Report: Data Quality Scorecard
  • 📊Dashboard
    • Dashboard Overview
    • Incidents
    • Quality
  • ⏰Alert Notifications
    • Get alerts on email
    • Connect your Slack channels
    • Connect to Microsoft Teams
    • Webhooks integration
  • 🏛️Manage Access
    • User Management - Overview
    • Invite users
    • Deactivate or re-activate users
    • Revoke a user invite
  • 🔐Group-based Access Controls
    • Groups Management - Overview
    • Create Groups & Assign Policies
    • Source-based Policies
    • Administrative-based Policies
    • Module-based Policies
    • What is the "Owners" group?
  • 🗄️Org Settings
    • Multi-factor authentication
    • Single Sign-On (SSO) with Microsoft
    • Single Sign-On (SSO) with JumpCloud
  • ❓Support
    • Supported Features by Integration
    • Frequently Asked Questions
    • Supported Browsers and System Requirements
  • Public API (BETA)
    • Overview
      • Data API
        • Glossary
        • Lineage
        • ACL
          • Group
      • Control API
        • Users
    • API Keys
Powered by GitBook
On this page
  • Requirements
  • Enabling MFA on your account
  • Enforcing MFA on your account
  • Disabling MFA
  • Enforcing MFA on organization users
  • Disabling MFA for your Organisation.
  • FAQ
  • I can't access my account because I lost my device. How can I regain access?
  1. Org Settings

Multi-factor authentication

Set up multi-factor authentication on your decube workspace to ensure security for all your users.

PreviousWhat is the "Owners" group?NextSingle Sign-On (SSO) with Microsoft

Last updated 1 year ago

Requirements

To enforce MFA for your organization, you will need to be an Owner or have permission to Manage access for organization. You will also need to enable the MFA on your account first before you can enforce it on behalf of your organization. The enabling of MFA is completely optional but recommended.

Enabling MFA on your account

To enable MFA on your account, head over to the Update Profile page and click on Set Up in the Multifactor Authentication section.

In the first-time setup, you will have to scan the QR code with an authenticator app in your device (such as Google Authenticator, Microsoft Authenticator, Authy etc.) to generate a single use code. Enter the generated 6-digit code in the verification field.

The QR code is only valid for 1 minute, and the page will time out in 3 minutes; otherwise you will need to sign in again.

After you have successfully validated the verification code, you will be shown a recovery code for your account. Ensure that you copy and keep the recovery code safely as you will need this to access your account in case you do not have access to your device.

The recovery code is one-time use only. Once you have used your recovery code, you will need to set up the MFA again on your account.

Enforcing MFA on your account

You are able to enforce MFA on your account by navigating to "My Account" > "Update Profile" tab.

To enable MFA on your account, it is compulsory to "Enable Sudo Mode". Upon enabling sudo mode, you will receive a OTP to your email. Without closing the window, go to your registered email and retrieve the OTP. Then, paste the OTP into the window.

Once the OTP verification has passed, you can enable MFA on your account by selecting "Set Up" under the MFA option.

Disabling MFA

To disable MFA on your account, on the same "My Account" > "Update Profile" tab, simply select "Disable"once you have pass the sudo mode verification.

Upon selecting "Disable", MFA has then been successfully revoked from your account and you will be redirected to the sign-in page again.

Enforcing MFA on organization users

You can navigate to the Org Settings in My Account to toggle on the Multifactor Authentication section to force all users to set up their MFA settings on the next login.

To enable MFA on your organization, it is compulsory to "Enable Sudo Mode". Upon enabling sudo mode, you will receive a OTP to your email. Without closing the window, go to your registered email and retrieve the OTP. Then, paste the OTP into the window. This opens up the option to enable the toggle for MFA.

Disabling MFA for your Organisation.

To disable MFA on your organisation, you may turn off the toggle under the "MFA" option upon passing the sudo mode verification.

FAQ

I can't access my account because I lost my device. How can I regain access?

If you have your recovery code which was shown when you set up your account, you can use the recovery code on the MFA verification page which will disable the MFA on your account. If MFA is enforced across your organization, you may need to set up MFA again.

In case you have not kept your recovery code, to regain access to your account, we will need to verify that you are the owner of the account. In this case, write to us at support@decube.io and CC your organization owner. Once your organization owner verifies that your request is legitimate (by replying to your email), we will proceed to disable the MFA on your account.

🗄️
Under the Update Profile page in the My Account, you can now click on Set Up in the Multifactor Authentication.
First-time setup for MFA.