Bill.com Multi-Factor Authentication (MFA)

Multi-Factor Authentication adds an additional layer of security to a Bill.com account by requiring not only a username and password to log in, but also a personal device. This makes it extremely difficult to break into a Bill.com account. Skip setup

There is an option to skip this feature if the account falls under one of the following:

  • Paid subscription account within the risk-free trial period
  • Subscription free (Basic) account

Setup MFA

If continue is clicked, the following page is presented: Set up additonal security

Set up a primary cell or work phone number:

  1. Click Next
  2. Enter the phone number
  3. Choose the default method to receive security codes
    • Via text
    • Via voice
  4. Click Submit

A test code will be sent using the delivery option selected to ensure the phone number was entered correctly. Enter phone number

Setting up a backup number

  1. Click the gear icon
  2. Click Profile under You
  3. Click Enter your backup phone
    • To edit the backup number, hover over Details and click Security
  4. Click Next to receive a security code on your primary number
  5. Enter the sercurity code
  6. Select Trust This Computer to require a security code less often
    • Name the device if choosing to trust it
  7. Click Submit
  8. Enter the backup number
  9. Select the default method to receive security codes
  10. Click Submit
  11. Enter the security code to verify the number
  12. Click Submit
  13. Click Finish

When MFA is triggered

From time to time, when performing certain actions within the Bill.com account, prompts will surface to select the number and delivery method for the security code.

Choose number and method

Enter the security code and select Trust This Computer to require a security less often.

Enter code

Things to know

  • The number of times Send a new code will trigger a new code is 3, on the 4th attempt we will show some tips about how to ensure receiving the code successfully
    • Log out and bank in to reset the MFA process
  • To perform the security check less frequently, select the box to "trust" this computer
    • Do not select the "trust this computer" box when working on someone else's computer or logging in from a public location (like a library computer)
  • For devices that have been marked as a trusted, the following conditions can still trigger MFA:
    • Switching to a different browser
    • Disabling browser cookies, using a cookie management extension or clearing browser data
    • Changing the browser supported language, ie: adding a new language
    • Upgrading to a different version of the browser
  • Paid subscription accounts will not be able to skip MFA setup after the risk-free trial is over
  • Approver users do not need to set up MFA