How to Set Up and Manage Multi-Factor Authentication for Your Users on Ninety
Learn how to implement secure MFA authentication for your company or user data.
Written by Tommy Mains
Updated at December 8th, 2025
-
Account Options and Troubleshooting
-
Integrations
-
Getting Started
-
Insights
-
Scorecard
-
Rocks
-
To-Dos
-
Issues
-
Meetings
-
Headlines
-
V/TO
-
Accountability Chart
-
1-on-1
-
People and Toolbox
-
Directory
-
Knowledge Portal
-
Assessments
-
Mobile
Table of Contents
Modern Multi-Factor Authentication (MFA) at Ninety
Starting on 11 December 2025, all new users can secure their Ninety login credentials with either:
- Single-sign on (SSO) from Microsoft of Google.
- Temporary one-time password (TOTP) generation to a preferred authenticator app.
Existing users with accounts started before 11 December 2025, can still utilize SMS as their preferred or backup MFA option. More details below.
MFA and SSO
Users who log in with SSO (via Microsoft or Google) cannot opt into or be required to use MFA. The security standards upheld by the SSO providers meet our safety standards.
How to Require MFA for Your Company
An Owner or Admin can require all users to use MFA by visiting Settings > Configuration and toggling on Require MFA in the Security section — for new users, the security may say Require Authenticator for all users of company instead. The user who turns this on is unaffected by the change until they log out of their current session. At the next login, the owner follows the MFA requirements.
After enabling MFA for your company, team members who use an email address and password to log in (not SSO) will need to use MFA the next time they log in.
For example, after an Owner or an Admin enables requiring MFA for all users on their account, the next time one of their team members attempts to log into Ninety, they'll be prompted to set up MFA with an authenticator app of their choice.
How to Set Up MFA for an Individual Account
If a company does not require MFA, a user can still enable it for personal use by visiting User Settings > Account.
To activate MFA with an authenticator app:
- Click your name at the bottom of the left navigation.
- Click User Settings from the option shown in the popup.
- Click Account from the user setting navigation options.
- Identify the Authenticator section and click Set up your authenticator app.
- Scan the QR code using a trusted authenticator app, such as Google Authenticator or Authy.
- Enter the six-digit code from the authenticator app and click Verify.
If your company does require MFA for your Ninety login, the first time you sign in, you'll be prompted to set up an authenticator app before accessing Ninety. To do so, you'll download a trusted authenticator app on your smartphone, scan the QR code, and enter the six-digit code from the app to verify.
What Is an Authenticator App?
An authenticator app is a mobile application that generates temporary six-digit security codes for logging into your account. These codes change every 30 seconds and provide stronger security than SMS-based codes. Popular options include Google Authenticator, Microsoft Authenticator, Authy, and 1Password.
How to Switch Authenticator Apps
To switch apps after enabling an authenticator:
- Navigate to User Settings > Account.
- Click Change authenticator app to switch to another trusted app.
- Verify your password before scanning the QR code and entering the code.
How to Delete an Authenticator App Connection
If you'd like to remove the connection between Ninety and an authenticator app from our platform:
- Navigate to User Settings > Account.
- Click the trash can icon on the right side of the Authenticator section.
- Confirm your choice by clicking Remove on the popup.
Legacy SMS Verification
If you created your Ninety account before 11 December 2025, you can still utilize SMS as your preferred or backup method for MFA.
If you have access to MFA via SMS, follow these directions to set it up:
- Navigate to User Settings > Account.
- Verify your phone number in the Login Information section.
- Enable SMS.