Rallybound's administrator account management experience is provided by the Single Sign-On (SSO) service provided by Neon One, Rallybound's parent company. As part of this service, organizations can require their administrators to authenticate not only by entering a password, but by verifying their login through another device, known as multi-factor authentication (MFA). This is a widely-used security convention which, for Rallybound organizations, can dramatically increase the security of campaign sites and fundraising data. If your organization would like to implement multi-factor authentication for your administrators, please contact us at email@example.com.
If an organization requires multi-factor authentication, on an administrator's first login to Rallybound (and on subsequent tries until MFA is set up), they will be presented with a screen prompting them to visit NeonSSO's MFA setup flow, which can be accessed at app.neonsso.com/user/mfa. This screen will also be presented immediately after the administrator creates their account, which may be a bit unexpected. It is recommended that organizations communicate to their administrators what to expect in this flow.
To set up multi-factor authentication on your account, follow these steps:
You will then be shown a list of backup codes for use if you should need to log in and you don't have access to your phone. We strongly recommend that you save these codes somewhere secure where you can access them without having to use your phone.
Whenever you log in from a new or untrusted device (and, for security reasons, occasionally on trusted devices), you will need to authenticate again, which can be done following the above steps.
Your MFA setup can be managed and modified in the NeonSSO interface by clicking the profile dropdown at the top right, then clicking "2-Step Verification".