Configure Multi-Factor Authentication (MFA) - TestRail

Configure Multi-Factor Authentication (MFA)

Please Note: This feature requires TestRail 7.4 or later

Administrators  can require users to log in to TestRail with Multi-Factor Authentication (MFA).  By enforcing authentication with email and popular authenticator apps like Google Authenticator, Microsoft Authenticator, and Duo mobile, you’re better protected from stolen credentials being used to access sensitive data.

Administrators can enable MFA under Site Settings > Security.

Once enabled, Administrators can require individual user accounts to enter a secure code for each new session. Administrators can require MFA for users by editing accounts individually, or in bulk.

By default, TestRail will send a one time use code to the user’s email address for each new session.

Please Note: If you require MFA for user accounts, the users will be required to use an API key for API requests. API requests using an email address and password will fail if MFA is required for the account.

Connecting an Authenticator App

 

As an alternative to emailed codes, you can connect an authenticator app to your user profile and use a code generated by the connected application. To connect an authenticator app, navigate to your profile settings, and open the Auth tab:

Press the Connect button to retrieve a QR code and secret key for connecting to an authenticator app:

If you lose access to the authenticator app and become locked out of TestRail, please request your TestRail administrator disconnect the app from your user profile.