Multi-factor authentication (MFA) is a security process that requires more than one method of authentication from independent credentials to verify the user’s identity.
Primary phone number
As a part of the setup process, users will be asked to enter a phone number. This phone number should be one that you have access to when you will be logged in to Bill.com. It needs to be a direct line to a live person. The call cannot be routed through an automated phone routing service.
Once MFA is enabled, you will be prompted with a text or a voice message to enter a code upon logging in to Bill.com, when changing your password, or when changing your phone number. Checking the "Trust this computer" box when you enter a code will reduce the need of a code to every 30 days, except when changing your password or phone number(s).
Backup phone number
We strongly recommend that you also add a secondary phone number or setup Google Authenticator to your MFA security setup. This will allow you to maintain secure access to your Bill.com account if you no longer have access to your primary phone.
Contacting Support if you can't login
If you can't access your primary or backup numbers, or you are not receiving codes after trying these tips, click Having trouble? and then Contact support.
Things to know
- Your Bill.com account is very powerful. It can move money to and from the vendors and customers in your account. Should someone obtain the login credentials of any of users on your account, you want to know that they won't be able to "do damage" by transferring your money to or from accounts where it doesn't belong. The MFA feature helps to ensure that only the users with verified access through the MFA phone numbers will be able to complete actions such as these.
- We've done our best to implement MFA in such a way that it is not a burden for you and the other users on the Bill.com account. We know most of our customers log in to Bill.com every day and don't want extra steps in their daily process. We strived to balance ease of access with the need for strong security designed to keep the bad guys from accessing your account.
- It is best practice to not share numbers or use another person's phone number for MFA