To reduce the chances of unauthorized access, Redis Cloud allows users to enable multi-factor authentication (MFA).

When MFA is enabled, users must enter their username, password, and an authentication code when signing in. MFA requires a mobile device that can receive these authentication codes over text messaging. In addition, you may use an authenticator app such as Google Authenticator as one of your factors.

To further increase the security of the account, the account owner can require MFA enforcement for all users.

Note:
Once you enable MFA, it will be required to access every account that belongs to you. Deactivating MFA enforcement on an account does not deactivate MFA enforcement for other users of that account that have defined a phone number. To deactivate MFA enforcement for other users, those users will each need to deactivate MFA enforcement for their own user accounts.

Enable MFA

Each user can enable and configure MFA for their account. The default MFA configuration sends an authentication code by text message that users must enter when they sign in.

To configure MFA for your user account:

  1. Sign in to your account.

  2. From the Redis Cloud console menu, select your name and then User Profile from the drop down menu.

    Use the user drop down menu to get to the User Profile section.
  3. Under your user profile, locate Multi-factor authentication.

    Multi-factor authentication is located on the user profile page.
  4. Enter your mobile phone number in the Text message box and then select Send code.

  5. You will receive a confirmation code sent by text message. Enter the code when prompted by the Redis Cloud console and select Verify.

Your account is now configured for MFA.

Note:
We recommend that you also configure MFA for an authenticator app as an additional factor.

If you cannot sign in to your account because of MFA, please contact support.

If your mobile phone is lost or stolen, make sure that you update the MFA configuration to prevent unauthorized sign-ins.

Change your MFA phone number

To change the mobile phone number used for MFA:

  1. Navigate to the Multi-Factor authentication section in the User Profile.
  2. Select Change number.
  3. Enter the new mobile phone number, and complete the verification process as described above.

Configure MFA for an authenticator app

After you configure MFA for text messages, you can also configure MFA to work with a time-based one-time password (TOTP) app such as Google Authenticator.

When you sign in to the Redis Cloud console, you can select either an authentication code sent by text message or an authentication code shown in your authenticator app.

To configure MFA for an authenticator app:

  1. Install an authenticator app on your mobile phone.
  2. Add Redis Cloud to the app:
    1. From the User Profile view in your Redis Cloud account, locate Multi-Factor Authentication.
    2. Select Connect for the authenticator app. A QR code appears, requesting verification.
    3. Scan the QR code using your phone’s authenticator app.
    4. Enter the code generated by your authenticator app to verify the setup.

You can now use either a text message code or an authenticator app code as your second factor when signing in.

Deactivate MFA

You can deactivate MFA for your user account. To deactivate MFA, go to your profile, locate Multi-Factor Authentication, and select Deactivate.

Enforce MFA for all user accounts

Account owner users can enable MFA enforcement for all users in their account. After MFA is enforced for the account, all users who do not have MFA enabled will be required to configure MFA the next time they sign in to the Redis Cloud console.

Note:
Redis Cloud does not enforce MFA for SAML SSO users since the identity provider handles MFA management and enforcement.

To enable MFA enforcement for all user accounts:

  1. Sign in as an account owner.

  2. Go to Account Settings.

  3. Under Security, switch the MFA environment toggle to On.

    Multi-factor authentication toggle for all users on.
  • When you enable MFA enforcement, users cannot disable MFA for their account.
  • When you disable MFA enforcement, users can disable MFA for their account.
Tip -
Notify all of your Redis Cloud console users before enabling MFA enforcement.