Givebacks is adding multi-factor authentication, also known as MFA, to help keep user accounts more secure.
MFA adds an extra security step during sign-in. In addition to entering a password, a user may need to enter a one-time passcode sent to the email address connected to their Givebacks account. This helps protect your organization’s account, even if a password is lost, guessed, or shared.
How MFA works
When you sign in to Givebacks, a one-time passcode may be sent to the email address connected to your account.
To complete sign-in, you will need to enter that code.
MFA applies to all Admin users, including PTA and District users.
If your organization uses the Givebacks Point of Sale app, MFA may also be required when signing in there.
MFA verification is required on each device that a user wants to use and on each browser.
If the same user signs in from multiple devices, they may need to complete MFA verification on each device.
MFA verification is required every 60 days as part of Givebacks security requirements.
Make sure you have access to the account email
The one-time passcode is sent to the email address connected to your Givebacks account.
Before signing in, make sure your organization knows who owns or monitors that email inbox.
If you personally do not have access to the email address used for the Givebacks account, contact the person in your organization who owns or manages that email. That person will need to receive the one-time passcode and help confirm access when needed.
If your organization uses the same email on multiple devices
Some organizations use the same email to sign in to Givebacks on multiple devices. If your organization does this, the owner of that email inbox should know that MFA codes may be sent to them when someone signs in.
Because MFA verification is required on each device, the email owner may need to help provide a one-time passcode for each device that needs access.
The email owner may need to help confirm access when:
Someone signs in to the account.
Someone signs in from a new device.
Someone signs in from a different browser.
The same login email is used on multiple devices.
It is time for the 60-day MFA verification.
60-day MFA verification
To help protect the account, MFA verification is required every 60 days.
We recommend that the email owner set a reminder for 5 days before the end of the 60-day period. This gives your organization time to prepare and make sure the right person still has access to the email inbox.
What to do if you do not have access to the email
If you do not have access to the email connected to the Givebacks account, contact the person in your organization who owns or monitors that inbox. That person will need to provide the one-time passcode when MFA verification is required.
If no one in your organization has access to the email address, or if the account email needs to be updated, contact Givebacks Support.
Best practices
To help avoid sign-in issues, we recommend the following:
Confirm which email is connected to your Givebacks account.
Make sure someone in your organization has access to that inbox.
Identify the email owner before MFA verification is required.
Make sure the email owner knows MFA may be needed on each device.
Set a reminder for 5 days before the end of the 60-day MFA period.
Contact Givebacks Support if your organization no longer has access to the email.
Questions? Click the "?" icon to contact Givebacks Support.