Overview
Two-Factor Authentication (2FA) is a valuable security tool that protects user accounts from unauthorized access. There may be times when users lose access to their authenticator app or device and require 2FA to be disabled temporarily. This article explains how 2FA can be managed for Affiliate users and when NMI Support intervention is required.
This article explains how to manage situations where:
- A parent affiliate’s main contact or sub-user is locked out of their account
- A sub-affiliate’s main contact or sub-user is locked out and requires assistance
You'll learn when support must step in and when parent affiliates can take action directly through the portal.
Understanding the Affiliate and User Structure
To clarify how access and control work:
- Parent Affiliate - A top-level account that manages other affiliate accounts (sub-affiliates).
- Main Contact: The primary user for this account.
- Sub-Users: Additional users who log in with separate usernames under the parent affiliate.
- Sub-Affiliate: An affiliate account created and managed by a parent affiliate.
- Sub-Affiliate Main Contact: The primary user for the sub-affiliate account.
- Sub-Affiliate Sub-Users: Additional users under the sub-affiliate account.
Steps to Disable 2FA for Sub-Affiliates and Their Users
As the parent affiliate, follow these steps:
- Log in to your Partner Affiliate Portal
- Click on List Accounts in the left-hand menu
- Locate the sub-affiliate's name in the list and click on it
- Under the Affiliate Users section, find the username who needs 2FA disabled
- Click the Log in button next to their username
⚠️ You must have the "Log in as merchants and sub-affiliates" permission enabled to see this button. - Once logged in as the user, go to Options > Two-Factor Authentication in the left-hand menu
- Click Disable Two-Factor
- Confirm the action when prompted
The sub-affiliate will then be able to log in and re-enable 2FA on their new device.
Disabling 2FA for Your Own Parent Affiliate User Account
If a parent affiliate user (main contact or sub-user) is locked out and cannot access their device:
Step 1: Send a Written Request
Email support@nmi.com from your primary contact email address and request to have 2FA disabled for your account or the sub-user on your account. This written request is required to start the process.
Step 2: Complete Phone Verification
A Support agent will contact you by phone. You will need to complete a verification process before we make the necessary changes.
Once the information is verified, Support will disable 2FA and then you or the user can then log in and re-enable 2FA.