Overview
Multi-Factor Authentication (MFA) provides additional protection for all user accounts on the reev platform. In addition to email and password, a dynamically generated code from an authenticator app is required to verify identity for a successful login.
Configure MFA for Your Organization
As an account manager or administrator, you can centrally define the MFA policy at the organization level to ensure a consistent level of security.
To enable MFA for your reev system users:
Log in to your reev Platform.
Navigate to Administration → Security Settings.
In the Multi-Factor Authentication Policy (MFA Policy) section, select one of the following options:
Enabled – MFA is optional; users can activate it individually.
Enforced – MFA is mandatory; all users must set it up at their next login.
Note: In multi-account environments, the policy is defined at the parent account level and automatically applied to all subordinate accounts.
How MFA Works After Configuration
MFA Enabled – optional for users
Users can activate MFA individually via their personal settings.
Log in to your reev Platform.
Go to your user profile (bottom left) → Personal Settings → Multi-Factor Authentication (MFA).
At the next login: scan the QR code using an authenticator app (e.g., Google Authenticator, Microsoft Authenticator).
Enter the 6-digit verification code from the app.
Save the displayed backup codes securely (download, copy, or print).
From then on, the following credentials are required at each login:
Email address
Password
6-digit code from the authenticator app (or a backup code)
Users can disable MFA as long as the organization policy is set to enabled (optional).
MFA Enforced – required for all users
Users are automatically guided through the setup process at their next login.
Scan the QR code using an authenticator app.
Enter the 6-digit verification code from the app.
Save the displayed backup codes securely (download, copy, or print).
Important:
MFA cannot be disabled individually while the policy is set to Enforced.
If the policy is changed to Disabled, MFA will no longer be required for future logins.
Backup Codes and Account Recovery
During the initial MFA setup, each user receives a set of one-time recovery codes:
These are shown only once during setup.
They can be copied, downloaded, or printed for secure storage.
If a user loses access to their authenticator app (e.g., due to device loss or change), they can log in using a backup code. Each code is valid only once.
Recommended best practices:
Store backup codes in a secure place (e.g., password manager or physical copy).
Keep them separate from the smartphone used for authentication.
Scope and Availability
MFA applies only to system users of the reev Platform (web access).
The reev driver app is excluded to keep the user experience simple.
MFA is available across all license tiers at no additional cost.
Recommended Rollout Strategy
Decide whether to introduce MFA as optional first or enforce it immediately.
Inform internal teams (e.g., administration, finance, fleet management) about:
the activation timeline
recommended authenticator apps
secure storage of backup codes
Set the policy initially to Enabled (optional).
Encourage all users to activate MFA during this phase.
Provide this article as guidance.
Then switch the policy to Enforced.