Skip to main content

Overview

Multi-Factor Authentication (MFA) adds an extra layer of security to your Plumi account. When enabled, you’ll need both your password and a time-based code from an authenticator app to sign in.

Supported Authenticator Apps

Plumi MFA works with any TOTP-compatible authenticator app:
  • Google Authenticator (iOS, Android)
  • Microsoft Authenticator (iOS, Android)
  • Authy (iOS, Android, Desktop)
  • 1Password (iOS, Android, Desktop)
  • Bitwarden (iOS, Android, Desktop)

Enabling MFA

1

Go to Settings

Navigate to Settings from the sidebar.
2

Find MFA Section

Scroll to the Two-Factor Authentication (MFA) section.
3

Click Enable MFA

Click the Enable MFA button to start the setup process.
4

Scan QR Code

Open your authenticator app and scan the QR code displayed on screen.Alternatively, you can manually enter the secret key shown below the QR code.
5

Enter Verification Code

Enter the 6-digit code from your authenticator app to verify the setup.
6

Save Backup Codes

Important: Save your backup codes in a secure location. You’ll need these if you lose access to your authenticator app.
Store your backup codes securely. Each backup code can only be used once.

Signing In with MFA

When MFA is enabled, the sign-in process includes an extra step:
  1. Enter your email and password as usual
  2. On the MFA challenge screen, enter the 6-digit code from your authenticator app
  3. Click Verify to complete sign-in
The 6-digit code refreshes every 30 seconds. If your code isn’t working, wait for the next code.

Using Backup Codes

If you lose access to your authenticator app:
  1. On the MFA challenge screen, click Use a backup code
  2. Enter one of your 8-character backup codes (format: XXXX-XXXX)
  3. Click Verify to sign in
Each backup code can only be used once. After using a backup code, set up your authenticator app again or generate new backup codes.

Disabling MFA

To disable MFA:
  1. Go to Settings
  2. In the MFA section, click Disable MFA
  3. Enter the 6-digit code from your authenticator app to confirm
  4. Click Disable MFA to complete
Disabling MFA removes the extra security layer from your account. Consider keeping MFA enabled for better protection.

Troubleshooting

Code not working

  • Ensure your device’s time is synchronized correctly
  • Wait for the next 6-digit code (codes refresh every 30 seconds)
  • Make sure you’re using the correct account in your authenticator app

Lost authenticator app access

  1. Use one of your backup codes to sign in
  2. Go to Settings and disable MFA
  3. Re-enable MFA with your new device

No backup codes available

Contact your administrator for assistance. They may be able to reset your MFA settings.

Best Practices

Save Backup Codes

Store backup codes in a secure password manager or offline location.

Keep App Updated

Keep your authenticator app updated for security fixes.

Secure Your Phone

Use a PIN or biometric lock on your mobile device.

Multiple Devices

Some apps like Authy allow syncing across multiple devices.