Starting February 25, 2025, multi-factor authentication (MFA) will be a requirement for all users on Aplos. This means that all users will need to enable MFA when logging into their Aplos account.

What is multi-factor authentication?

MFA is a security method that requires users to provide two or more verification factors to gain access to their account. Instead of just entering a password, users must also complete a second step: entering a code sent via email or text.

Why are we requiring MFA?

At Aplos, safeguarding your data is our highest priority. The additional layer of security provided by MFA helps protect your account from unauthorized access, even if someone has obtained the password.

Passwords alone can be vulnerable to hacking or phishing attacks. In fact, studies show that accounts secured with MFA are 99.9% less likely to be compromised (Microsoft, AAG). By adding a second layer of protection—an email or SMS code sent to your device—you ensure that only you can access your account, even if your password is compromised.

Ultimately, enabling MFA will protect your organization’s sensitive financial and contribution data.

What are the Steps?

The next time you log in to Aplos, you’ll see a screen prompting you to set up MFA through SMS or email in order to access your account.

1. Enter your email and password.
2. Click Sign In.
3. You’ll be sent to a page to enable MFA.
   1. Select your method for authentication.
   2. Enter your email address or phone number.
   3. Click Send.
4. Once you’ve received the code, enter it in the Verification Code box.
5. Click Enable.

MFA is required for logging in, but if you don’t want to complete the MFA steps every time you log in, there is an option to “remember this device for 30 days.”

For account recovery, you will be provided with a set of recovery codes. These are one-time use codes that can be used to recover your account in the event that you lose access to receiving a code sent through multi-factor authentication. Please store these recovery codes in a secure location.

Note for Google SSO users

If you are using Google SSO to sign in to Aplos, you will not be required to enable MFA to log in. However, for the time being, if you want to access My Profile you will be required to enable MFA.