Account Administrators can require all account members to use two-factor authentication (2FA) when they sign in to the impact.com account from a new device. The user experience with 2FA enabled goes as follows:
Upon first signing in, an account member will receive a verification code on their mobile device via SMS, email, or an authentication app.
Account members can then save their device as a trusted device—meaning they won’t need to use 2FA on subsequent sign-ins for the next 30 days. Once 30 days have passed, the user will again need to sign in via 2FA, and optionally save their device.
Account members can manage saved devices on the impact.com user profile screen.
This will enable mandatory two-factor authentication for all account users that sign in to your account.
From the left navigation menu, select [Menu] → Settings.
In the left column, under General, select Account User Authentication.
On the Account User Authentication screen, select User Login.
Select [Toggle on] Require users of this account to verify their identity upon login.
Select Save.
This will enable a mandatory 2FA check for account users attempting a partner funds transfer above the transfer minimum amount — once authenticated, the PFT will go through.
From the left navigation menu, select [Menu] → Settings.
In the left column, under General, select Account User Authentication.
On the Account User Authentication screen, select [Toggle] Require users of this account to verify their identity when initiating a partner funds transfer.
Under Transfer minimum, input a value as the minimum amount to require 2FA.
Select Save.
From the left navigation menu, select [User Profile] → Edit Profile.
Go to the Security section — next to Devices and Activity is a list of saved devices for the account.
Select Remove this device if you no longer access impact.com on that device.