Logging in
- To log into Rex go to https://app.rexsoftware.com/login
- Enter your email address and password you setup when accepting your email invitation
- Click Log In
- You'll now go to the next screen to enter your password
- Click Log In
Note: Logins will be remembered for 2 weeks. If you're logging in on someone else's computer, we recommend using your browser's Guest/Incognito mode, and closing the browser when you've finished your session.
Multi-factor Authentication (MFA)
You can now set up authenticator-based multi-factor authentication. Multi-factor authentication (MFA) is a security method that'll require you to provide multiple forms of identification, such as a password and a one-time code generated via an app, before accessing the application. MFA provides enhanced protection against unauthorised access.
Setting up multi-factor authentication
To setup multi-factor authentication, visit the Profile app. You can also access the Profile app by going to edit your profile via the top-right menu in Rex.
You'll first be prompted to download an authenticator app on your phone. Any QR-code based authenticator will work, though we recommend Google Authenticator or Twilio Authy.
You'll then be presented with instructions (via the selected app) on how to get set up with MFA.
Notes:
- Once MFA is enabled, you'll be prompted to provide a 6-digit code, generated by your selected MFA app every time you login.
- Enabling multi-factor authentication will require you to re-enter your password.
- Disabling multi-factor authentication will require you to enter a multi-factor code
FAQ
Am I able to enforce MFA usage across my agency?
No, currently MFA is purely opt-in per user though we plan to offer more agency-level control and visibility for some plans in the future. We understand the value in going “all-in” on MFA to ensure complete security coverage.
Do you plan on supporting other multi-factor methods in the future?
We don’t have any immediate plans to support other multi factor methods . Authenticator-based MFA (a.k.a TOTP MFA) is one of the most secure methods available and boasts several advantages over email/SMS-based MFA.
What impact does multi-factor authentication have on the API?
Multi-factor authentication do not currently impact API usage and there are no breaking changes being made to the API at this stage. Note that we will eventually update the API to be compatible with multi-factor verification checks at a later date.
What happens if users with MFA setup get locked out of their account?
We anticipate that users will occasionally get locked out due to lost phones/uninstalled apps or similar scenarios. Affected users can reach out to our customer care team, who can unlock the user’s account after the user has gone through an identity verification process.