Users that log in to Dayforce using an IP address that is exempt from authenticating using MFA can log in to Dayforce with just their login credentials. When you delete an MFA exemption rule in Dayforce, the impacted user or users are required to successfully authenticate themselves using two-factor authentication when they log in to Dayforce. This includes their login credentials and a second factor authenticator such as, a SMS text message or a voice call containing a 6-digit code that must be entered into Dayforce when logging in to Dayforce.
Before You Begin: You must be a system admin user to delete Multifactor Authentication (MFA) exemption rules in Dayforce. Your system admin role must also have access to the System Admin > Multifactor Authentication role feature in the Features tab in System Admin > Roles.
Deleted rules can't be restored. You must recreate the rule in Dayforce if you need to use the rule again. For your convenience, you can disable a rule, rather than delete it. For more information about enabling and disabling rules, see MFA Exemption by IP Address.
To delete MFA exemption rules:
- Go to System Admin > Multifactor Authentication.
- Select the rules you want to delete from the list of rules in the IP Address Exceptions section of the MFA Configuration tab.
- Click Delete.
- Click Save.