UserLock Frequently Asked Questions
Is it possible for multiple users sharing the same user account credentials to also share the same MFA key?
There is no built in way to configure MFA for users sharing accounts. We recommend that each user has an individual account so that if there is an attempted breach, you can identify whose credentials have been stolen, and know where the legitimate user has logged in from. Having multiple users using the same account makes you vulnerable for attacks..
When onboarding, UserLock will generate both a QR code and a manual key, of which one has to be used to add the account to the application. You can take a picture of the QR code or write down the manual key to enter them in an authentication app at a later stage. It will still add the same account to the application, generating the exact same code as in the application on the other phone.
NOTE : This is only valid for the TOTP method. It is not possible for Push.