Complete guide to activating multi-factor authentication (MFA) in Linkbreakers for enhanced workspace security, including setup steps and troubleshooting tips.
Security breaches can destroy marketing campaigns and compromise customer data. Multi-factor authentication (MFA) provides a crucial defense layer that protects your workspace even when passwords are compromised.
Linkbreakers MFA requires team members to verify their identity through email codes in addition to their regular passwords. This dual verification significantly reduces unauthorized access risks while maintaining user-friendly authentication workflows.
Implementing MFA demonstrates your commitment to protecting campaign data, customer information, and brand assets stored in your workspace.
Multi-factor authentication in Linkbreakers uses email-based verification codes as the second authentication factor. When enabled, team members must provide both their password and a time-sensitive code sent to their registered email address.
This email-based approach balances security with accessibility. Most team members can receive verification codes through their existing business email without requiring additional apps or hardware devices.
When someone signs into a workspace with MFA enabled, they complete the standard username and password authentication first. The system then sends a 6-digit verification code to their registered email address.
The verification code expires after 15 minutes for security purposes. Users must enter this code within the time limit to complete authentication and access the workspace.
Each verification code works only once. Even if someone intercepts a code, it becomes useless after the legitimate user enters it or when the 15-minute window expires.
MFA operates at the workspace level, meaning it affects all team members who belong to that workspace. When you enable MFA, every team member must use two-factor authentication for workspace access.
This universal enforcement ensures consistent security across your entire team. You can't selectively enable MFA for some team members while leaving others with password-only authentication.
The workspace-wide approach simplifies security management and eliminates potential weak points where some accounts might have weaker protection.
Only workspace administrators can enable or disable MFA. This restriction ensures that security decisions remain with authorized personnel who understand the implications for the entire team.
Navigate to Workspace Settings and locate the security section. You'll find MFA controls alongside other workspace security configurations.
Before enabling MFA, communicate the change to your team members. Sudden MFA activation can disrupt workflows if people aren't prepared for the additional authentication step.
Consider timing the activation during low-activity periods or when team members are available to handle any authentication issues. Avoid enabling MFA right before important campaign launches or during busy periods.
Ensure all team members have access to their registered email accounts. Team members who can't receive verification emails will be locked out of the workspace until the issue is resolved.
Click "Enable MFA" in the workspace security settings. The system will present a confirmation dialog explaining the implications of this change for all workspace members.
Confirm your decision to enable MFA. The change takes effect immediately for all future sign-in attempts. Team members currently signed in remain authenticated until their sessions expire or they sign out.
The system sends notification emails to all workspace members informing them about the MFA activation. These notifications include instructions for handling the new authentication requirements.
Once activated, MFA applies to all authentication attempts for your workspace. Team members signing in will immediately encounter the two-factor authentication flow.
Existing authenticated sessions remain valid until they naturally expire. However, any new sign-in attempts require both password and email verification.
Mobile app users and API integrations continue working with existing authentication tokens. MFA affects interactive sign-in processes but doesn't disrupt programmatic access using valid API tokens.
When team members sign into an MFA-enabled workspace, they follow the enhanced authentication workflow that adds email verification to the standard process.
The sign-in process begins normally with email address and password entry. After successful password verification, the system displays a verification code input screen instead of proceeding directly to the dashboard.
Linkbreakers sends a 6-digit verification code to the team member's registered email address. The email includes the code and reminds users about the 15-minute expiration time.
Team members enter the verification code on the authentication screen and click "Verify" to complete the sign-in process. Successful verification grants full workspace access as usual.
Verification emails arrive from Linkbreakers' notification system with clear subject lines indicating their purpose. The emails contain the 6-digit code prominently displayed for easy identification.
These emails also include security reminders about not sharing codes and instructions for contacting support if the user didn't initiate the sign-in attempt.
Verification emails typically arrive within seconds, though email delivery can occasionally take a few minutes depending on email provider processing times.
Verification codes expire exactly 15 minutes after generation for security purposes. If someone enters an expired code, the system rejects it and offers the option to request a new code.
Team members can request new verification codes if the original expires or if they don't receive the email. The system generates fresh codes with new 15-minute expiration windows.
Each user can request a limited number of verification codes within a time period to prevent abuse while ensuring legitimate users can always access the workspace.
Corporate email systems sometimes delay or filter automated messages. If team members don't receive verification codes promptly, they should check spam folders and add notifications@linkbreakers.com to their safe sender lists.
Email providers with aggressive filtering might block verification emails. Work with your IT team to ensure Linkbreakers notification emails reach team members reliably.
Some organizations require email whitelist approvals for external automated messages. Coordinate with IT teams before enabling MFA to prevent authentication disruptions.
Team members who lose access to their registered email accounts cannot complete MFA verification. Contact workspace administrators immediately to address these situations.
Administrators can temporarily disable MFA to restore access, though this reduces security for the entire workspace. Consider this option only as a last resort for critical situations.
The proper solution involves updating the team member's email address in their account settings, but this typically requires administrative intervention.
Clear browser caches and cookies if MFA repeatedly fails with valid codes. Sometimes stored authentication data conflicts with the new MFA requirements.
Modern browsers work best with Linkbreakers' MFA implementation. Encourage team members to use current browser versions and enable JavaScript for optimal functionality.
Private/incognito browsing modes can sometimes cause session issues with MFA. Try normal browsing mode if authentication problems persist.
Large organizations should develop comprehensive MFA rollout plans that include team training, communication strategies, and support procedures for authentication issues.
Consider phased rollouts where MFA activates for pilot groups before full organizational deployment. This approach helps identify potential issues and refine support processes.
Establish clear escalation procedures for MFA-related access problems. Team members need to know who to contact and how quickly they can expect resolution.
Create internal documentation explaining your organization's MFA implementation and provide step-by-step instructions for team members encountering the new authentication flow.
Include screenshots of the MFA process and common troubleshooting steps in your documentation. Visual guides help team members navigate the new requirements confidently.
Regular training updates ensure new team members understand MFA requirements and experienced users stay current with any process changes.
Track MFA adoption and identify team members experiencing repeated authentication difficulties. Early intervention can prevent frustration and maintain productivity.
Document MFA usage for compliance or audit purposes if your organization requires security control documentation. Keep records of when MFA was enabled and any temporary disablements.
MFA requirements don't affect existing API token authentication. Programmatic integrations continue working normally because they use API tokens rather than interactive authentication.
However, creating new API tokens requires completing the MFA flow since token creation happens through the authenticated dashboard interface.
Development teams should ensure they have appropriate API tokens before enabling MFA to avoid disruptions in automated systems or integrations.
Webhook deliveries continue operating normally with MFA enabled. These automated processes don't require interactive authentication and remain unaffected by workspace MFA settings.
Existing integrations using OAuth or API tokens maintain their functionality regardless of MFA status. The enhanced authentication requirements apply only to human users signing into the dashboard.
Workspace administrators can disable MFA through the same security settings where they enabled it. However, consider the security implications carefully before removing this protection.
Disabling MFA immediately removes the verification code requirement for all future sign-ins. Team members will revert to password-only authentication for workspace access.
Temporary MFA disabling might be necessary during email system outages that prevent verification code delivery. However, re-enable MFA as soon as email service restores.
Persistent technical issues affecting multiple team members might justify temporary disabling while you work with support to resolve underlying problems.
Never disable MFA permanently without implementing alternative security measures. The enhanced protection MFA provides outweighs the minor inconvenience of email verification.
MFA adds approximately 30-60 seconds to the sign-in process, depending on email delivery speed. Most team members find this acceptable given the security benefits.
Currently, Linkbreakers MFA uses email-based verification only. Authentication app support isn't available, but email verification provides strong security for most use cases.
The system temporarily locks the account after multiple failed verification attempts. This protection prevents brute force attacks while legitimate users can try again after a brief waiting period.
Yes, verification codes work on any device where the team member attempts to sign in. The codes aren't tied to specific devices or browsers.
Workspace administrators can monitor MFA usage through activity logs and authentication reports. These insights help ensure compliance and identify potential issues.
Session duration remains unchanged with MFA. Team members stay signed in for the same period as before MFA activation, but must complete two-factor authentication for new sign-ins.
Contact Linkbreakers support during email outages that prevent verification code delivery. Support can provide guidance for maintaining workspace access during technical emergencies.
MFA significantly reduces unauthorized access risks but isn't a complete security solution. Combine MFA with strong passwords, regular access reviews, and security awareness training for comprehensive protection.
MFA represents one of the most effective security measures you can implement for your Linkbreakers workspace. The minor inconvenience of email verification provides substantial protection against unauthorized access and data breaches.
Plan your MFA rollout carefully, communicate changes clearly to your team, and establish support procedures for authentication issues. When implemented thoughtfully, MFA enhances security without significantly impacting team productivity.
Learn how to set up custom domains and create branded short links that reinforce your brand identity while maintaining professional appearance across all marketing channels.
Step-by-step guide to inviting team members to your Linkbreakers workspace, managing invitations, and ensuring proper collaboration setup for your marketing campaigns.
Comprehensive guide to workspace roles and permissions in Linkbreakers, including Admin, Viewer, and Tech roles with detailed access control explanations.
Can't find what you're looking for? Get in touch with our support team.
Contact Support