A Float user may require the Multi-Factor Authentication method associated with their login to be reset. This could be due to changing phone numbers, losing access to a device which has been configured as a passkey, or losing access to an authenticator app.
Float Administrators can initiate a reset of the Multi-Factor Authentication for a user in their business.
The Primary Administrator's MFA can only be reset by Float support. See Resetting MFA via Float Support below.
Considerations before resetting Multi-Factor Authentication
- Validate that the request is legitimately coming from a user in your Float business and not from a bad actor attempting to gain access to the user's account and Cards.
- Speak to the user in person, over the telephone or via another trusted channel to validate their identity.
- If your business authenticates logins to Float via SAML, consult your internal IT to resolve authentication issues first. A MFA Reset will not be appropriate in this case.
To reset a user's Multi-Factor Authentication
- Log-in to Float as an Administrator
- Navigate to the "Users" page
- Locate the user whose MFA you wish to reset
- At the right end of the row in the Actions column, click "Reset MFA"
The next time the user logs-in to Float they will be prompted to configure a new MFA method.
Resetting MFA via Float Support (Primary Admins or Special Exceptions Only)
Only Float Support can reset Multi-Factor Authentication for the Primary Administrator. Because MFA protects high-level access to your business' Float account, the reset process requires the presentation and validation of the Primary Admin's government-issued ID.
- Email support@floatfinancial.com from the email address you use to log-in to Float
- State that you are the Primary Administrator and require your MFA to be reset
- Attach a photograph of your government-issued ID
- Float Support will validate it against the identity record that was created when you first signed-up for Float.
Float Support can also reset Multi-Factor Authentication for other users in urgent situations or if an Administrator is not available. This is a special exception scenario and requires the presentation and validation of the user's government-issued ID.