From 89a4ec8388210075ab75688719ee442b143fce94 Mon Sep 17 00:00:00 2001 From: Kuni Sen Date: Tue, 22 Apr 2025 13:44:43 +0900 Subject: [PATCH 1/2] Update multifactor-authentication.md --- cloud-account/multifactor-authentication.md | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/cloud-account/multifactor-authentication.md b/cloud-account/multifactor-authentication.md index 5b5fce2c0..6a19313e0 100644 --- a/cloud-account/multifactor-authentication.md +++ b/cloud-account/multifactor-authentication.md @@ -20,6 +20,12 @@ Elastic recommends that you enable multiple methods so that you can still access If you use only a Google or Microsoft account to log in, then you can’t configure MFA in {{ecloud}}. You can check and manage your multifactor authentication options in your Google or Microsoft account security settings. +::::{warning} + +Disabling MFA poses a significant security risk, and as such, we do not provide the option to disable this feature. + +:::: + ::::{note} You can no longer configure SMS as a multifactor authentication method. If you already use SMS for multifactor authentication, then you can continue using it. You’ll be prompted to switch to a new MFA method in the future. From 0e672d19492464190d2734e199a40b4b9bebe360 Mon Sep 17 00:00:00 2001 From: Florent Le Borgne Date: Thu, 24 Apr 2025 17:24:02 +0200 Subject: [PATCH 2/2] Reword the intro sentence with stronger language for clarity and update outdated SMS note --- cloud-account/multifactor-authentication.md | 20 +++++--------------- 1 file changed, 5 insertions(+), 15 deletions(-) diff --git a/cloud-account/multifactor-authentication.md b/cloud-account/multifactor-authentication.md index 6a19313e0..12e22a856 100644 --- a/cloud-account/multifactor-authentication.md +++ b/cloud-account/multifactor-authentication.md @@ -8,29 +8,19 @@ applies: # Multifactor authentication [ec-account-security-mfa] -If you use a password-based login, Elastic requires you to enable multifactor authentication (MFA) for added security on your {{ecloud}} account. - -You can choose from the following methods: +Multifactor authentication (MFA) is **mandatory** when you log in to {{ecloud}} using a standard email/password combination, and can't be turned off. It helps protecting your account by adding an extra identity verification step when you log in. You can choose and define the MFA method to use based on your preference: * Set up an **authenticator app** such as Google Authenticator, Microsoft Authenticator, or Okta Verify. These apps generate a time-based one-time password (TOTP) that you enter along with your password when you log in. * Authenticate using a **hardware security key or biometric data**, such as a YubiKey or a fingerprint reader. * Receive a verification code through **email**. You enter this code along with your password when you log in. -Elastic recommends that you enable multiple methods so that you can still access your account if you lose access to one method. - -If you use only a Google or Microsoft account to log in, then you can’t configure MFA in {{ecloud}}. You can check and manage your multifactor authentication options in your Google or Microsoft account security settings. - -::::{warning} - -Disabling MFA poses a significant security risk, and as such, we do not provide the option to disable this feature. - -:::: - ::::{note} -You can no longer configure SMS as a multifactor authentication method. If you already use SMS for multifactor authentication, then you can continue using it. You’ll be prompted to switch to a new MFA method in the future. - +You can no longer configure SMS as a multifactor authentication method. :::: +Elastic recommends that you enable multiple methods so that you can still access your account if you lose access to one method. + +If you use only a Google or Microsoft account to log in, then you can’t configure MFA in {{ecloud}}. You can check and manage your multifactor authentication options in your Google or Microsoft account security settings. ## Configure an authenticator app [ec-account-security-mfa-authenticator]