Changes to multi-factor authentication

Availity is phasing out the use of SMS/text and voice-based multi-factor authentication (MFA)

Multi-factor authentication (MFA) is changing to 2-step authentication

As part of our ongoing commitment to protect your information and enhance the security of our platform, Availity will begin phasing out the use of SMS/text and voice-based multi-factor authentication (MFA). Beginning June 14, 2025, Availity will no longer allow new enrollments in MFA to select SMS or voice as their MFA method. Instead, users will be required to use a mobile authenticator application such as Google Authenticator, Microsoft Authenticator, or a similar app of their choice, for 2-step authentication.

Why is MFA changing?

As cyber threats become more sophisticated, so must our defenses. Though widely adopted for their convenience, SMS and voice-based MFA methods are increasingly vulnerable to a variety of cyberattacks. Industry best practices now recommend stronger forms of authentication, particularly mobile authenticator applications.

Who will this change affect?

This change will ultimately affect all Availity Essentials users.

How do I prepare for this change?

2-step enrollment requires you to register either a mobile or browser extension-based authenticator application, like Google Authenticator, or a hard token, also known as a security token or authorization token.

Your chosen method delivers a code for selected situations, such as logging into Availity Essentials from a new device.

Tip: If you lose access to your 2-step authentication method, you will be allowed to use a backup code to log into Availity Essentials.

What will 2-step authentication enrollment look like?

  1. If you have not already enrolled in 2-step authentication, the following window will display when you log into Availity Essentials:
    Important: If you have already enrolled in multi-factor authentication (MFA), you will be prompted to select a preferred method for receiving your authentication code, but voice and text methods will soon no longer be available.


  2. Select Continue to proceed to the following Authenticator Set Up window, where steps are provided to set up an authenticator:
    Note: If you are using a hard token authenticator, follow the setup instructions provided with your hard token device, using either the QR code or the secret key provided in this window to complete authenticator setup.


    1. Install an authenticator application, such as Google Authenticator, on your mobile device or computer.

    2. Either scan the provided QR code with your authenticator application or enter the provided secret key into your time-based authentication device.

    3. Once you have completed the authenticator application setup, select I've completed these steps to continue.

  3. Enter the current 6-digit code displayed by your authenticator application in the Code from authenticator app field of the 2-Step Authentication window and then select Continue:

  4. Record, in a secure location, the backup codes provided on the Confirmation window and then select Continue to proceed to Availity Essentials: