Two-factor authentication (2FA) or Multifactor authentication (MFA)

Updated by Jill Bowers

 

Opt into 2FA early

After mandatory rollout


Two-factor authentication protects sensitive information by adding an additional layer of security beyond passwords. This change enhances security for personal and organization data. This meets new laws and regulatory standards. The change is being released in phases, however 2FA can be opted into early.


Will I be affected by two-factor authentication?

We require all non-federated users (including insurance professionals and policyholders) to use multiple-factor authentication (2FA). We will start transitioning in May and the goal is to be completed by November 2025. This change helps you meet legal requirements and secure your and your customers’ information.

Users must use 2FA to sign in to the following applications:

Allyne Property Preservation Wizard (PPW) XactAnalysis SP
Benchmark PropX XactContents
ClaimXperience Pruvan Xactimate
ContentsTrack Respond XactPRM
Direct Supplier Respond MAP XactRemodel
OneXperience XactAnalysis XactRestore
PlaCrd XactAnalysis QR

Opt into 2FA early

Set up email authentication

Tip Icon Caution: Once authentication is setup, you cannot opt out or return to legacy 2FA if you were previously using it. Once an email is entered, the email feature may not be deactivated, however other options, such as text messaging and authenticator apps can be enabled.

  1. In the Verisk Identity Server, select SET UP next to Email. This assigns the email address on the account as the 2FA email address.
    Note: By default, the Xactware ID (XID) is used as the email address for 2FA. Users can choose to use a different email address (which will change the XID) but cannot remove the email requirement. The 2FA email and XID will always be linked, they cannot be separated.

    IdentityServerSetupEmail
  2. Enter the code you were emailed.
  3. Select Close.
Set up text messages
  1. In the Verisk Identity Server, select the SET UP button next to Text message.
    IdentityServerSetupSMS
  2. Enter your Mobile phone number.
    Note: The mobile number entered here does not change the phone number on your account, it is only used for the 2FA. To update your phone number on your account, see our Xactware ID: Create, manage and change or forgot password document for assistance.
  3. Select RECEIVE A CODE VIA SMS.
    IdentityServerSetupSMSForm
  4. Enter the code received via text message in the Enter code field.
    Note: Note: If you do not receive a text message, select resend code? to try again.
  5. Select Verify.
    IdentityServerSetupSMSVerify
Set up authenticator app
Note: Note: The instructions below use Google Authenticator as an example, however the Microsoft Authenticator, Authy, 1Password, or LastPass Authenticator can be used as well. Duo Mobile is not compatible.
iOS
  1. Within the App Store, search for Google Authenticator.
  2. Select Get.
    Note: Users may have to enter a password or use Face ID to download the app.
  3. Select Open.
  4. Log in to Google Authenticator with your Google account information. You can also proceed without an account.
    iOSGetGoogleAuth iOSOpenGoogleAuth iOSGoogleAuthSetup
Android
  1. Within the Google Play store, search for Google Authenticator.
  2. Select Install.
  3. When installation is complete, select Open.
  4. Log in to Google Authenticator with your Google account information. You can also proceed without an account.
    AndroidGetGoogleAuth AndroidOpenGoogleAuth AndroidGoogleAuthSetup
Set up authenticator app in Account Settings
Note: The steps below assume you are using the Google Authenticator app on iOS. The steps may vary slightly if you are using an Android device or different app. To remove an authenticator app, select remove instead of set up.
  1. In the Verisk Identity Server, select the SET UP button next to Authenticator app. This will open a popup with a QR code which will be used in a later step.
    IdentityServerSetupApp
  2. Within the Google Authenticator app on your mobile device, select the add button.
  3. Select Scan a QR code.
    iOSAddQRCode
  4. Use the app on your mobile device to scan the QR code which was opened in step 1.
  5. After you scan the code, select Next in your browser.
    IdentityServerQR
  6. Enter the code from the Google Authenticator app into the Enter code field.
  7. Select Verify.
    IdentityServerQRVerify

After mandatory rollout

Set up 2FA after mandatory rollout

If you have not set up 2FA before the required date, when you log into your program, you will be presented with the 2FA setup. The steps below show signing into XactAnalysis, however this experience may vary slightly depending on which program you are signing into.

  1. Enter your password.
  2. Click LOG IN.
  3. Enter the code emailed to you in the Enter a code field.

Click go to app to continue into your selected program or click go to account settings to setup text message or an authenticator app using the steps in the above sections.

Important reminders about the login experience
  • Account holders are challenged with 2FA when they log in. If all three 2FA options are set up, the user can choose which one they want to use to sign in.
  • Account holders can remove and reset optional security methods (text message and authenticator app) in Account Settings. However, email authentication is required and cannot be removed.
  • Once users are set up in the new 2FA system, they cannot return to the legacy two-step authentication or opt out of 2FA.
  • Security questions are no longer part of the login experience.

Back to top of document

How Did We Do?