Help Center
In this article
Help
FAQs and Troubleshooting
Frequently Asked Questions

Multi-factor Authentication (MFA) FAQs

Apply

Multi-factor Authentication (MFA) FAQs

What is Multi-Factor Authentication (MFA)?

MFA adds an extra layer of security by requiring you to enter a one-time code after your password. The code can come from:

  • An authenticator app (Google Authenticator, Microsoft Authenticator, etc.) OR
  • Email (whichever of the two “device”s is enabled)
  • Recovery Email (In the event of lost MFA device/method)

Is MFA required on my site?

It depends on your site’s settings.
If your site admin has enabled “MFA Required”, every user must complete MFA before accessing the site. You will be redirected to MFA setup immediately during your next login.

Can I disable MFA on my own account?

Only if the site does not require MFA.
If your site requires it, the option to disable MFA is disabled.

Are my MFA settings tied to a specific site?

Your MFA setup is tied to your user account, not individual sites.
However, the requirement for MFA is site-specific.

Registration

Why am I seeing the MFA setup screen right after creating my account?

Your site requires MFA for all users.Before accessing your dashboard for the first time, you must complete MFA setup.

Enrollment & Setup

How do I enable MFA on my account?

Go to: My Account → Profile → Enable MFA
Follow the steps to scan the QR code (for authenticator apps) or select the email method if available.

What if I can’t scan the MFA QR code?

You can manually enter the secret key, account name, and issuer into your authenticator app. These appear below the QR code.

Do I get backup options?

Yes. During the MFA setup, you are asked to set up a secondary email as the recovery email. This recovery email is used to send the code to recover the account.

Login & Verification

How long do MFA codes last?

  • Authenticator codes: 30 seconds
  • Email codes: 5 minutes

What if I enter the wrong MFA code?

You’ll see an error message and can try again.
Multiple failed attempts may temporarily lock your account.

Can I use a code sent to my recovery email address to log in?

Yes. If you cannot use your authenticator device or primary email address, you may utilise the 'Recover Account' option and trigger one-time code sent to that address.

Lost Device / Account Recovery

I lost my device (Primary email / Authenticator). What do I do?

When you set up multi-factor authentication, you also added a mandatory recovery email address. This recovery email is your backup mechanism to get into your account if you cannot access your primary email or can't access your authenticator app. This email address cannot be same as the primary email address of the account.

How do I recover my account?

  1. Go to the Login page and enter your username and password as usual.
  2. When asked for your MFA authentication code, look for the "Recover Account" link.
  3. Click the link to request a recovery code. An email with recovery code will be sent to the registered recovery email address.
  4. Check your recovery email inbox for a message with a 6-digit verification code.
  5. Enter the code to verify your identity and regain access to your account.

Changing Your MFA Device

How do I switch to a new authenticator app or phone?

  1. Log in normally.
  2. Go to My Account → Login Details → Manage MFA.
  3. Select Change enrolled device.
  4. Verify with an existing code.
  5. Set up MFA again with your new device.

SSO + MFA

I signed in with Google—why didn’t I get an MFA prompt?

Google Single Sign-On (SSO) users do not go through MFA. MFA applies only to users signing in with native email/password accounts.

Can I still enable MFA if I use SSO?

Yes — but only if you also have a password set on your account.
If you sign in with SSO and you have a password, you may choose to turn on MFA under My Account → Login Details.

If my site requires MFA, does that apply to SSO users?

No. MFA requirements apply only to users who log in with email and password.
SSO users are not required to enroll in MFA.

If I use SSO but want to enable MFA, what do I do?

You will need to set a password first:

  1. Go to My Account → Login Details
  2. Click Set Password
  3. After setting a password, the MFA option will appear

If I enable MFA, will it apply to my SSO login?

No. MFA applies only when you use your email and password to sign in.
If you log in through Google, you will bypass MFA.

Related Articles

October 2025
September 2025
July 2025

Company

SurveyMonkey

About Us

Jobs

Blog

Help

SurveyMonkey Help

GetFeedback Help

Market Research Help

SurveyMonkey Audience Help

SurveyMonkey Contribute Help

Wufoo Help

Apply Help

Support

Site Status

Unsubscribe

Contact Us

Email Opt-In

Policies

Legal Center

Privacy Policy

Cookies Notice

California Privacy Notice

Copyright © 1999-2026 SurveyMonkey
BBB credentials logo
TrustedSite logo