Security with OperationsCommander OperationsCommander works hard to maintain an up to date product wiki! If you have any questions or if you feel something is missing, post about it in the community. Enhanced Admin Security: Multi-Factor Authentication (MFA) with OperationsCommander The OperationsCommander team has added a critical security layer for our Admin users: Multi-Factor Authentication (MFA)! This is Phase 2 of our MFA project; in Phase 1, we successfully delivered MFA for all user-side accounts . Phase 2 provides Primary Admins with three flexible control options (Hidden, Visible, or Required) and enables Admin Users to securely log in using an email-delivered One-Time Password (OTP). This significantly strengthens account protection, addressing a key security request from clients. MFA is  always mandatory  for security-sensitive actions: Admin Account Creation Password Changes You will receive an MFA email code for these actions, regardless of the system setting. If you don't receive the code, your email address may be missing or incorrect—please contact your administrator system admin for help. There are 3 settings for the MFA functionality. Hidden (required for security sensitive actions) Visible (admin user's choice to use or not for non security sensitive actions) Required (required for every login, and security sensitive action, this is the recommended option ) This setting is currently only configurable with the helps of support. If you wish to change the options on your site, contact support@ops-com.com Here is how the prompt will look for your admin users: Note: In OperationsCommander, the MFA email is a required security communication, and will be sent out to all users, even if they have unsubscribed from all email categories, on their user profile. Originally requested on this community item! Resetting an Administrator's Forgotten Password From the Admin Login page click on  Forgot your Username or Password  to begin the process. You will be prompted to enter your  valid email address . This address must match the currently one that exists on the Admin user's Profile. Once you have entered the email address click on  Send Reminder  to proceed. The screen wil refresh and you will get a message indicating an email has been sent with a reset password link included. This is a sample of what that email could look look like. This email can be edited and configured in  Email Templates . See  Lost Passwords. The email link will take you to an interface where the admin will enter the email address discussed above and a new password. The new password is required to be entered twice for confirmation. Once a new password is chosen and entered, click on  Reset Password  to complete the process. The admin will now be able to log in using the new password they entered.