Two-Factor Authentication

Two-Factor Authentication in MIDAS

A password alone isn't always sufficient protection for a system that holds booking data, client records, and financial information. Two-factor authentication (2FA) adds a second verification step to the login process, significantly reducing the risk of unauthorised access even if a password is compromised.

How it works in MIDAS

When 2FA is enabled for an account, logging in with the correct username and password is only the first step. MIDAS then prompts the user for a one-time code. That code can be delivered in two ways:
  • Email - a code is sent to the email address on the user's account. The user enters the code to complete login.
  • Authenticator app - the user sets up a TOTP-compatible app (Google Authenticator, Authy, or similar) and uses the time-based code it generates.

Per-account control

2FA can be enabled or required on a per-account basis. Administrators can enforce 2FA for specific users - for example, requiring it for administrator accounts while leaving it optional for standard users. Users can also enable it voluntarily on their own account without an administrator needing to configure it for them.

Trusted devices

Users can mark a device as trusted for a configurable period. A trusted device bypasses the 2FA prompt on subsequent logins, reducing friction for staff on their regular work computers while maintaining the protection on unfamiliar devices.

Recovery

If a user loses access to their second factor - for example, their phone is replaced or their email address changes - an administrator can reset the 2FA configuration for that account, allowing the user to re-enrol.

Start a free trial and enable 2FA on your administrator account during setup.
