Enforce Enterprise two-step login
This task can be performed by an Enterprise Team owner/admin only from the Bravura Safe web interface.
Best practice
Bravura Security recommends that if your company is using Enterprise SSO and multi-factor authentication is enforced through your Identity Provider (IdP), consider not additionally enforcing Enterprise two-step login within Bravura Safe to streamline the login process for users. Individual member two-step login (as below) will still apply to an SSO login if configured, unless the Bypass personal two-step login when using SSO policy is enabled.
The example below requires all members of the Enterprise Team (except Admins/Owners) to use Bravura OneAuth with a mobile device as a second authentication factor when logging in to their Bravura Safe account:
Log in to Bravura Safe via the web interface.
Click Teams.
From the Team drop-down, select the Enterprise Team.
Alternatively, from the My Safe view, click the Teams drop-down and select the Enterprise Team.
Click the Settings tab.
Select Two-step login from the SETTINGS menu.
Next to the Bravura OneAuth (Team) provider, click Manage.
You are prompted for your master password.
Enter your Master password.
Click Continue.
Enter the Bravura Safe application information from your Bravura OneAuth Admin panel.
Click Turn on.
Two-step login using Bravura OneAuth is enabled for the Enterprise Team and will now be the highest-priority second authentication factor, required by all members to log in.
When users log in for the first time after Enterprise two-step login is enforced, they can click a Send registration email button to register a secondary device. See Pair your phone to Bravura OneAuth during Bravura Safe web login .
See also
Individual two-step login can be enforced by the Enterprise Team administrator via Teams > [Enterprise Team] > Settings > Policies > Require two-step login.
Steps for setting up individual two-step login are detailed in Two-step login.