Multifactor authentication provides an extra level of authentication at sign in by requesting a verification code in addition to a user name and password. Organizations who want to take advantage of this additional authentication can configure their organization to allow members to enable multifactor authentication on their accounts. Members need to have an ArcGIS account and a mobile device with a supported authentication app installed on it. Multifactor is not supported on enterprise logins or public accounts.
Multifactor support across the platform
Multifactor authentication works with ArcGIS accounts in Esri apps that support OAuth 2.0. This includes the ArcGIS Online website, ArcGIS Desktop 10.2.1 and later, the ready-to-use apps, My Esri, and apps in ArcGIS Marketplace. In ArcGIS Desktop 10.2.1 and later, multifactor authentication can be used to connect to ArcGIS Online services from the ready-to-use services node in the catalog window.
Multifactor authentication needs to be disabled when accessing apps without OAuth 2.0 support (which includes ArcGIS Desktop 10.2.0 and earlier and the ArcGIS app for smartphones and tablets). For some apps, such as ArcGIS Desktop 10.2.1 and later that supports OAuth 2.0, multifactor authentication still needs to be disabled before making a connection from ArcGIS Desktop to ArcGIS Server services available as part of ArcGIS Online. This includes geocoding and geoprocessing services that perform routing and elevation analysis. Multifactor authentication also needs to be disabled when storing credentials with Esri premium content.
Configure the organization
Administrators configure multifactor authentication for the organization through the security settings and designate administrators who will receive email requests to disable multifactor authentication on member accounts.
Once an organization is configured, members with ArcGIS accounts can enable multifactor authentication on their account through their profile page. This includes installing one of the ArcGIS Online-supported authentication apps on their mobile device: Google Authenticator (for Android and iOS) or Authenticator (for Windows Phone). The apps generate a unique, time-sensitive code that members use, along with their user name and password, to sign in.
If members encounter an issue with multifactor authentication, they can request help from their administrator through the Having trouble signing in? page (available from the sign in page). Troubleshooting tips are also available.