Skip to main content

Netskope Help

Multi-Factor Authentication for Netskope Admins

Most enterprise accounts implement Netskope SSO for management console access. In addition, local accounts are created for emergency access for a variety of business use cases. Multi-factor authentication (MFA) enhances the security of the user log in process by requiring users to provide unique authentication in addition to their regular sign in.

The Netskope platform supports MFA for Netskope admins to log in to the Netskope management console using a local administrator account.

Navigate to Settings > Administration > Admins to view the Admins page.

  1. Any Local Account type can be enabled for MFA.

  2. MFA Status column lists the user status: Enabled, Disabled, Pending Registration (user action required).

  3. Click ellipses > Edit to enable, disable, or reset MFA for a local admin user.


  1. Click ellipses at the end of the local admin account user. The Edit Admin page displays.

  2. Toggle the Multi-Factor Auth radio button from "Disabled" (default) to "Enabled".

  3. The next time the local admin logs in to their account, the admin must authenticate using an authentication app or a one-time password. Emails are sent to the email associated with the admin's Netskope account.

  4. Optionally, you can disable an admin's MFA. Toggle the Multi-Factor Auth radio button to Disabled. You will see the following warning message.

  5. Optionally, you can reset the admin's MFA. Click Reset to disable MFA for a local admin. You will see the following warning message.


Navigate to Settings > Administration > Audit Log to view MFA local account user activity.