Skip to main content

Multi-Factor Authentication (MFA)

This article walks you through how our MFA process works in Gain Compliance.

Multi-Factor Authentication adds an extra layer of security to your Gain login. MFA must be enabled by our team before use.

Before We Begin

MFA is only available when enabled for your organization. To request MFA setup, contact [email protected].

We recommend using Google Authenticator (mobile app or Chrome extension).
While other authenticator apps may be used - for optimal support and easy setup, we recommend using Google Authenticator.

How to Set Up MFA (Mobile App)

You’ll need access to both your computer and your mobile device (recommended) to complete the setup.

  1. Open the Authenticator App

    1. Select "Scan a QR code"

  2. Log in to Gain

    • Enter your email and password on the login screen.

    • Click Continue.

  3. Scan the QR Code

    Use Google Authenticator on your mobile device or as a Chrome extension.

    ❗Be sure to scan the QR code shown during the login process, not the one pictured here.

  4. Enter the Verification Code

    • After scanning, Google Authenticator will generate a temporary code.

    • Enter that code in the textbox provided.

    • Note: there is a time limit to each code. If you do not use the code produced by the app within one minute, a new one will automatically generate.

  5. Save Your Recovery Code

    • Gain will display a recovery code.

    • Store this code in a secure location. It will allow your access if you're ever without your authentication app.

✅ MFA setup is now complete! You’ll now be asked to enter a verification code from your authenticator app each time you log in.


🔁 You only need to complete this setup once. After that, just use the code provided by your app.

Need a Reset?

If you need your MFA reset, contact your Admin for assistance. Designated Administrators will have the “Admin” role on the User screen, see our help article here.

Admins: Managing MFA Resets for Your Team

Multi-Factor Authentication (MFA) is a vital layer of security for your organization. However, we understand that devices get lost or upgraded. As an administrator, you have the ability to reset MFA for your users to help them regain access.

How to Reset a User's MFA

  1. Navigate to the Users page from the top left hamburger menu.

  2. Locate the specific user in the list.

  3. Click the Reset MFA button associated with their profile on the user list page, or from the edit user page.

  4. Confirm the action. The user will be prompted to set up their MFA again upon their next login.

🛡️ Best Practices for Secure Resets

Resetting MFA can be a target for "social engineering" attacks. To keep your organization safe, follow these guidelines before clicking reset:

  • Verify Identity: Never reset MFA based solely on an email or chat request. Verify the request through a secondary channel, such as a quick video call or by calling the employee on a known phone number.

  • Confirm the Need: Ensure the user actually lost access (e.g., a broken phone or a new device) rather than just experiencing a temporary issue.

👉 Pro-Tip: Recovery Codes

Encourage your users to save their Recovery Codes during their initial MFA setup. This allows them to reset their own MFA independently without needing an admin intervention in the future.

Did this answer your question?