From e3b74474c8c332bf693d530fbf22ba56fd1b48b1 Mon Sep 17 00:00:00 2001
From: Matt Shaver <60105315+matthewshaver@users.noreply.github.com>
Date: Thu, 1 Aug 2024 14:12:17 -0400
Subject: [PATCH] Adding MFA docs (#5878)
## What are you changing in this pull request and why?
Adding MFA docs to the site
## Checklist
- [ ] Review the [Content style
guide](https://github.com/dbt-labs/docs.getdbt.com/blob/current/contributing/content-style-guide.md)
so my content adheres to these guidelines.
- [ ] For [docs
versioning](https://github.com/dbt-labs/docs.getdbt.com/blob/current/contributing/single-sourcing-content.md#about-versioning),
review how to [version a whole
page](https://github.com/dbt-labs/docs.getdbt.com/blob/current/contributing/single-sourcing-content.md#adding-a-new-version)
and [version a block of
content](https://github.com/dbt-labs/docs.getdbt.com/blob/current/contributing/single-sourcing-content.md#versioning-blocks-of-content).
- [ ] Add a checklist item for anything that needs to happen before this
PR is merged, such as "needs technical review" or "change base branch."
Adding or removing pages (delete if not applicable):
- [ ] Add/remove page in `website/sidebars.js`
- [ ] Provide a unique filename for new pages
- [ ] Add an entry for deleted pages in `website/vercel.json`
- [ ] Run link testing locally with `npm run build` to update the links
that point to deleted pages
---
website/docs/docs/cloud/manage-access/mfa.md | 84 ++++++++++++++++++++
website/sidebars.js | 1 +
2 files changed, 85 insertions(+)
create mode 100644 website/docs/docs/cloud/manage-access/mfa.md
diff --git a/website/docs/docs/cloud/manage-access/mfa.md b/website/docs/docs/cloud/manage-access/mfa.md
new file mode 100644
index 00000000000..a06251e6468
--- /dev/null
+++ b/website/docs/docs/cloud/manage-access/mfa.md
@@ -0,0 +1,84 @@
+---
+title: "Multi-factor authentication"
+description: "Configure dbt Cloud MFA"
+id: "mfa"
+sidebar: null
+---
+
+# Multi-factor authentication
+
+dbt Cloud provides multiple options for multi-factor authentication (MFA). MFA provides an additional layer of security to username and password logins for Developer and Team plan accounts. The available MFA methods are:
+
+- SMS verification code (US-based phone numbers only)
+- Authenticator app
+- Webauthn-compliant security key
+
+This is available across dbt Cloud plans for users with username and password logins only.
+
+## Configuration
+
+You can only have one of the three MFA methods configured per user. These are enabled at the user level, not the account level.
+
+1. Navigate to the **Account settings** and under **Your profile** click on **Password & Security**. Click **Enroll** next to the preferred method.
+
+
+
+Choose the next steps based on your preferred enrollment selection:
+
+
+
+2. Select the +1 country code, enter your phone number in the field, and click **Continue**.
+
+
+
+3. You will receive an SMS message with a six digit code. Enter the code in dbt Cloud.
+
+
+
+
+
+
+
+2. Open your preferred authentication app (like Google Authenticator) and scan the QR code.
+
+
+
+3. Enter the code provide for "dbt Labs: YOUR_EMAIL_ADDRESS" from your authenticator app into the the field in dbt Cloud.
+
+
+
+
+
+2. Follow the instructions in the modal window and click **Use security key**.
+
+
+
+3. Scan the QR code or insert and touch activate your USB key to begin the process. Follow the on-screen prompts.
+
+
+
+4. You will be given a backup passcode, store it in a secure location. This key will be useful if the MFA method fails (like a lost or broken phone).
+
+## Account Recovery
+
+When setting up MFA, ensure that you store your recovery codes in a secure location, in case your MFA method fails. If you are unable to access your account, reach out to [support@getdbt.com](mailto:support@getdbt.com) for further support. You may need to create a new account if your account cannot be recovered.
+
+If possible, it's recommended to configure multiple MFA methods so that if one fails, there is a backup option.
+
+## Disclaimer
+
+The terms below apply to dbt Cloud’s MFA via SMS program, that dbt Labs (“dbt Labs”, “we”, or “us”) uses to facilitate auto sending of authorization codes to users via SMS for dbt Cloud log-in requests.
+
+Any clients of dbt Labs that use dbt Cloud Labs 2FA via SMS program (after password is input) are subject to the dbt Labs privacy policy, the client warranty in TOU Section 5.1 second paragraph that Client's use will comply with the Documentation (or similar language in the negotiated service agreement between the parties) and these terms:
+
+(1) The message frequency is a maximum of 1 message per user login;
+
+(2) Message and data rates may apply;
+
+(3) Carriers are not liable for delayed or undelivered messages;
+
+(4) For help, please reply HELP to the SMS number from which you receive the log-in authorization code(s);
+
+(5) To opt-out of future SMS messages, please reply STOP to the SMS number from which you receive the log-in authorization code(s). We encourage you to enable an alternate 2FA method before opting-out of SMS messages or you might not be able to log into your account.
+
+Further questions can be submitted to [support@getdbt.com](mailto:support@getdbt.com).
diff --git a/website/sidebars.js b/website/sidebars.js
index 377c353e9be..3a8f8f4032b 100644
--- a/website/sidebars.js
+++ b/website/sidebars.js
@@ -79,6 +79,7 @@ const sidebarSettings = {
items: [
"docs/cloud/manage-access/about-user-access",
"docs/cloud/manage-access/invite-users",
+ "docs/cloud/manage-access/mfa",
{
type: "category",
label: "User permissions and licenses",