Protect your company's data with Procore's MFA by requiring users to select one of two verification methods at login. These methods add a security layer beyond passwords to prevent unauthorized account access.
Method | Available For... | Best For... | How it works... | Key Benefits |
|---|---|---|---|---|
Authenticator App | Standard Procore Users and Procore Pay (Payors and Payee Admins) | Users in remote areas, international travelers, or those handing sensitive financial and project data. | A mobile app (like Google Authenticator or Okta) generates a 6-digit code every 30 seconds that you enter to login. | No Signal Required: Uses a Time-Based One Time Password (TOTP) to generate codes locally using your device's internal clock. Higher Security: Codes are generated locally via an encrypted secret key through your authenticator app, protecting you from intercepted text messages and SIM-swapping attacks. |
SMS Verification | Standard Procore Users (with phone numbers in US, Canada, UK, Ireland and Australia) and Procore Pay (Payee Admins) | Users who want a quick, familiar setup without installing additional mobile device software. | Procore sends a unique one-time code to your registered mobile number via SMS text message during login. | Simplicity: No app download required. Familiarity: Works like standard online banking or retail verifications. |