Ask Springshare

How does MFA work with LibApps?

Multi-factor Authentication (also known as MFA) is one of the best and most reliable ways to ensure that bad actors aren't able to access your account to gain entry to the applications you use. It adds an extra layer of protection to your data and personal information. MFA is an effective tool for ensuring that only you have access to your account. Even if a bad actor has gained access to your login and password for LibApps, they will not be able to log into LibApps without the second layer of authentication that MFA provides.

Once you've established an MFA connection for your account, whenever you log into LibApps, you'll be prompted to go through the same verification process you chose for your account. If you need to change the method you're using for MFA, you (or a LibApps Admin) can turn off (aka reset) your account's MFA setting, allowing you to select a new method.

Timeline for requiring MFA with LibApps accounts

• July 2025 release: Springshare will require all Admin-level account holders in any app to have MFA set up on their LibApps accounts.
  • We don't have exact July release dates to share with you at this time. Please register for our blog and/or Springshare Lounge email notifications so you know as soon as we announce our release dates.
    • Sign up for blog (and/or our newsletter) notifications
    • Learn how to activate notifications for categories on the Springshare Lounge
• By the end of 2025: All remaining accounts in any app are required to have MFA.
  • We will communicate more broadly about this as we near the end of the year.

Can we require all of our account holders to use MFA now instead of waiting?

Absolutely! Adding MFA to further secure all accounts is a great step to take, and one that will be required by the end of the year.

• Require users to use multi-factor authentication (MFA) to sign into LibApps
  • Note: Currently, you will see an "Optional" choice for requiring MFA to sign in. After the July release, that setting will only apply to non-Admin level users and will be removed by the end of the year.

Activate MFA for your LibApps account

We have written instructions and videos to help guide you through the process of activating MFA for your LibApps account.

• Documentation: Activate multi-factor authentication for your account
• SpringyU: Setting Up multi-factor authentication for your account (3.5-minute video)
• Training recording: Activating multi-factor authentication (22-minute video)

Accounts in multiple LibApps systems

If you have an account in multiple LibApps systems—perhaps in your own library's system and the LibAnswers system for a chat consortium—you only need to set up MFA once for your account. Your MFA authentication will work across systems within the same server region.

Problems with your authentication app?

If you set up MFA with an authenticator app and are having issues, your first troubleshooting step is to have one of your local LibApps Admins reset the MFA setup for your account. After they've reset your account's MFA setting, you can set it up again.

Manage MFA for the accounts in your LibApps system

Management of MFA for your system's LibApps accounts, as with all account management, resides at the local customer level by your institution's LibApps Admins. If an account holder in your LibApps system needs to remove MFA for any reason, they must ask a LibApps Admin at their institution to remove it from their account so they can set up a new authentication method for their account. LibApps Admins can also see details on which accounts have activated MFA, and the type of authentication (authenticator app or email) they're using. Please ensure that your LibApps system has more than one LibApps Admin to process these requests.

Note: If a LibApps account holder contacts Springshare Support to reset MFA for their account, we will direct them to contact their local LibApps Admins to complete the reset process.

Learn more

• What can a LibApps admin do?
• Accounts & LibApps Admin: Edit a user's email address, name, password, and MFA settings
• Accounts & LibApps Admin: Add or remove LibApps admin permissions for a user

Shared LibApps accounts are discouraged

Please avoid using shared LibApps accounts. With your Springshare subscription, you can create unlimited user accounts (except in LibStaffer). We strongly encourage all users to have their own account to benefit from enhanced security, accurate audit logging, better stats, and more precise login activity. Accounts can be set to Inactive in order to preserve statistics if/when they are no longer necessary.

Please note that if you choose to use or keep shared accounts, those accounts are not exempt from the MFA requirement. 

Learn more

• Accounts: Add, remove, manage, and combine user accounts in LibApps

Logging in via SSO (LibAuth)

Your LibApps system may require users to sign into LibApps with your SSO via LibAuth, or it may display both the LibApps and SSO login options. The MFA requirement for LibApps logins does not affect users who sign in via your SSO. You will follow the authentication requirements set by your SSO.

• If your SSO requires MFA, then you'll complete the MFA through your SSO.
• If your SSO does not require MFA, you will not be prompted to use or set up MFA in LibApps when you log in through your SSO.

In either case, we encourage you to set up MFA for your account in LibApps in case of a potential service disruption with your SSO.

Note: You will continue to see the alert banner on LibApps pages until you set up MFA for your account in LibApps. We cannot turn it off based on whether you're using SSO.

Learn more

• LibAuth: Require users to sign into LibApps with your SSO
• LibAuth: Allow users to sign in with their LibApps Login or LibAuth (SSO)