Security & MFA
Settings → Security
Here you manage your password and two-factor authentication (MFA). Administrators also find the MFA policies for the entire workspace here.
Change password
Section titled “Change password”- Enter your current password
- Enter a new password that meets the displayed requirements
- Confirm the new password by entering it again
- If MFA is enabled: additionally enter your current authenticator code (6 digits)
- Click “Change password”
Note: If your company uses sign-in via Microsoft 365, you manage your password there and not in 9brains. More on this under Microsoft approval.
Two-factor authentication (MFA)
Section titled “Two-factor authentication (MFA)”MFA protects your account with an additional security factor. In addition to your password, you need a time-based code from an authenticator app (e.g. Microsoft Authenticator, Google Authenticator, or Authy).
Status: At the top of the page you can see whether MFA is enabled or disabled for your account.
Set up MFA
Section titled “Set up MFA”- Click “Set up MFA”
- You will be redirected to the setup page
- Scan the displayed QR code with your authenticator app
- Enter the generated code to complete the setup
From now on, you will be asked for the authenticator code with every sign-in.
Disable MFA
Section titled “Disable MFA”If MFA is not enforced by your company, you can disable it:
- Click “Disable MFA”
- Enter your password and your current authenticator code
- Confirm the deactivation
Note: If your company has enforced MFA, you will see the message “MFA cannot be disabled because it is enforced by your company”.
MFA deadline
Section titled “MFA deadline”If an administrator has made MFA mandatory, you may see a deadline warning:
“MFA is required. Please set up two-factor authentication by [date].”
Set up MFA before this date to avoid losing access to your account.
Sign-in via Microsoft 365
Section titled “Sign-in via Microsoft 365”If your company uses Microsoft 365 (Entra ID / Azure AD), the administrator can configure sign-in via Microsoft. In this case, you sign in to 9brains with your Microsoft account, and a separate 9brains password is not required.
Benefits:
- Just one sign-in for all services (single sign-on)
- Password management via Microsoft
- MFA settings of your Microsoft account apply automatically
Note: Setting up Microsoft 365 sign-in is done by the IT administrator at the company level. Instructions are available under Microsoft approval for administrators.
MFA policies (administrators only)
Section titled “MFA policies (administrators only)”This section is visible only to administrators.
As an administrator, you can make MFA mandatory for all users in the workspace.
Enforce MFA for all users
Section titled “Enforce MFA for all users”- Activate the toggle “Enforce MFA for all users”
- Confirm activation in the dialog that appears
What happens then:
- All users without MFA are prompted to set it up
- Users receive a deadline (grace period) within which they must enable MFA
- Users cannot disable MFA themselves while enforcement is active
Grace period
Section titled “Grace period”Define how much time users have to set up MFA:
- 7 days
- 14 days
- 30 days
After the deadline expires, users without MFA can no longer access 9brains.
Users without MFA
Section titled “Users without MFA”A list shows you all users who have not yet set up MFA, including their individual deadline. This way you keep track and can remind users if needed.