Multi-factor authentication (MFA) account management

Show expandable text

Overview

Use this article to manage multi-factor authentication (MFA) settings for your firm and your own accounts. Before following any instructions listed here, find out which account type you have:

Require MFA for your firm

Once you enable the Require MFA setting, your clients and staff  must verify their application sign-in attempts using MFA. To avoid interruptions, ensure each user has a smartphone or similar mobile device with either the Thomson Reuters Authenticator mobile app or a third party MFA app before you require MFA.

If you require MFA for your staff or clients, they will not be able to remove MFA from their account if they lose their paired device. Because of this, we recommend the use of Backup options as described in Multi-factor authentication overview.

Thomson Reuters ID MFA instructions for administrators

Require MFA for staff members

  1. Visit the My Account page on our website and log in to your CS Web administrator account.
  2. Click the Multi-factor Authentication link under the My Firm heading.
  3. On the Multi-factor Authentication Settings page, mark the Require Multi-factor Authentication for all staff at the firm checkbox.
  4. Click the Save button.

Once enabled, you can remove the requirement that all staff members at your firm use MFA when signing in to their CS Professional Suite applications by unmarking the Require Multi-factor Authentication for all staff at the firm checkbox.

NetFirm CS MFA instructions for administrators

Require MFA for staff members

  1. In the Admin tab of the navigation pane, click the Settings link in the Utilities section.

    Note: If you don't see this link, you don't have access to this area.

  2. In the Multi-factor Authentication section, choose the desired setting ( Require or Optional) for Staff.

    Require: When MFA is required, all staff will be prompted to set up MFA at their next login, after which they must use a mobile device capable of installing the Thomson Reuters Authenticator app to log in to NetStaff CS.

    Optional: When MFA is optional, staff will not be prompted to set up MFA, but they can opt in to using the Thomson Reuters Authenticator app to provide an additional layer of security for their logins to NetStaff CS, NetFirm CS, and Virtual Office CS or SaaS applications.

Require MFA for clients

  1. In the Admin tab of the navigation pane, click the Settings link in the Utilities section.

    Note: If you don't see this link, you don't have access to this area.

  2. In the Multi-factor Authentication section, choose the desired setting ( Require or Optional) for Clients / Employee Self-Service users.

    Require: When MFA is required, all users of NetClient CS and Employee Self-Service will be prompted to set up MFA at their next login, after which they must use a mobile device to log in.

    Optional: When MFA is optional, users of NetClient CS and Employee Self-Service can choose whether to use MFA for their logins. To opt in, clients must follow the process outlined in Setting up multi-factor authentication for your login.

Remove MFA devices from an account

If MFA is set to be required for all users, as described in the previous section, you will not be able to remove a device from your account if it is the only paired device. There must be an MFA device paired if it is required.

Thomson Reuters ID instructions

Remove device from your account

  1. Visit the My Account page on our website and log in to your Thomson Reuters ID.
  2. Click the My Profile link.
  3. In the My Profile screen, click the Multi-Factor Authentication tab, and then click the trash can icon next to the device you wish to remove.
  4. Enter the password associated with your Thomson Reuters ID in the Password field and click the Confirm Password button to disconnect your paired device.

Administrators only: Remove device from another account

If you have required that all staff use multi-factor authentication and one of your staff members needs to pair a new mobile device with their CS Professional Suite login credentials, you can remove their current paired device by completing the following steps.

  1. Visit the My Account page on our website and log in to your CS Web administrator account.
  2. Click the Manage Accounts link under the My Firm heading.
  3. On the Manage Accounts page, locate the row for the desired staff member and click Modify.
  4. Scroll down to the bottom of the page for the selected staff member and click the Remove Device button.

NetStaff CS instructions

Remove device from your account

  1. Navigate to the NetFirm CS login screen and enter your login credentials.
  2. Click your name near the upper-right corner of the screen and choose Manage Multi-factor Authentication.
  3. Click the Remove link to remove a multi-factor authentication method.

    Note: If multi-factor authentication is required for your login and you remove your only authentication method, you will need to add a new method or use temporary login codes to access your account.

  4. Click Enter.

Generate 10 temporary MFA codes for future access without a device

If you do not have access to your MFA device, see Multi-factor authentication troubleshooting for instructions.

Thomson Reuters ID instructions

  1. Visit the  My Account page on our website and log in to your Thomson Reuters ID.
  2. Click the My Profile link.
  3. On the My Profile screen, click the Multi-Factor Authentication tab. 
  4. On the Multi-factor Authentication screen, click the Generate New Codes button to create a new batch of emergency access codes. Note that doing so will replace any codes that you generated before.
  5. Store the emergency access codes in a locked safe or another secure location. 

NetStaff CS instructions

  1. Log in to  NetStaff CS.
  2. Click your name near the upper-right corner of the screen and choose Manage Multi-factor Authentication.
  3. On the Multi-factor Authentication screen, click the Generate New Codes button to create a new batch of emergency access codes. Note that doing so will replace any codes that you generated before.
  4. Store the emergency access codes in a locked safe or another secure location. 

Enable account recovery

Set up account recovery to back up your Thomson Reuters Authenticator app to your iCloud or Google Drive.

Related articles

Multi-factor authentication overview

Multi-factor authentication setup

Multi-factor authentication troubleshooting

Internal: Generating a temporary MFA code for CS Professional Suite and NetStaff accounts

In this article

     






    Was this article helpful?

    Thank you for the feedback!