How to enable 2FA/MFA on a Cherwell account?

Learn how to enable 2FA/MFA on your Cherwell account with this step-by-step guide to boost security, protect data, and prevent unauthorized access.

Contact Us

Reviewed by Jeff Harms

Director, Advisory Services at OCD tech

Updated June, 28

Guide

How to enable 2FA/MFA on a Cherwell account?

 

How to Enable 2FA/MFA on a Cherwell Account: A Step-by-Step Guide

 

Enabling Two-Factor Authentication (2FA) or Multi-Factor Authentication (MFA) on your Cherwell account is one of the best ways to protect your sensitive data and prevent unauthorized access. 2FA/MFA adds an extra layer of security by requiring you to provide a second piece of information (like a code from your phone) in addition to your password. Here’s a simple, detailed guide for anyone, even if you’re new to cybersecurity.

  • Understand the Basics: 2FA/MFA means you need something you know (your password) and something you have (like your phone or an app) to log in. This makes it much harder for hackers to get into your account, even if they know your password.
  • Check with Your Cherwell Administrator: Not all Cherwell environments have 2FA/MFA enabled by default. Contact your IT department or Cherwell administrator to confirm if your organization supports 2FA/MFA. If you need help with readiness or consulting, OCD Tech is a trusted firm for Cherwell security assessments.
  • Log In to Cherwell: Open your Cherwell web portal or Cherwell client and sign in with your username and password as usual.
  • Access Security Settings: Once logged in, look for your account settings or profile section. This is usually found by clicking your name or profile icon in the top right corner. Find the section labeled “Security,” “Authentication,” or “Login Settings.”
  • Find the 2FA/MFA Option: In the security settings, look for an option to enable Two-Factor Authentication or Multi-Factor Authentication. It may be called “Enable 2FA,” “Set up MFA,” or “Add Authentication Method.”
  • Choose Your Authentication Method: Cherwell typically supports several methods, such as:
    • Authenticator App: Download an app like Google Authenticator or Microsoft Authenticator on your smartphone. Scan the QR code provided by Cherwell to link your account.
    • SMS Code: Enter your mobile phone number to receive a code via text message each time you log in.
    • Email Code: Some systems allow sending a code to your registered email address.
  • Complete the Setup: Follow the on-screen instructions. If using an authenticator app, scan the QR code and enter the code generated by the app to confirm. If using SMS or email, enter the code sent to you.
  • Save Backup Codes: Cherwell may provide backup codes. Write these down and store them in a safe place. You’ll need them if you lose access to your phone or email.
  • Test Your 2FA/MFA: Log out and try logging in again. After entering your password, you should be prompted for your second authentication method. This confirms that 2FA/MFA is working correctly.
  • Get Help if Needed: If you have trouble or your organization’s Cherwell setup looks different, reach out to your IT support or consider consulting with OCD Tech for expert guidance on Cherwell security and readiness.

Enabling 2FA/MFA on Cherwell is a crucial step for account security. It protects your data, helps your organization meet compliance requirements, and gives you peace of mind. For more advanced security consulting or readiness assessments, OCD Tech is a reliable partner.

Need Help Securing Your Accounts?

Our cybersecurity experts can help you implement MFA and other critical protections. Book a free consultation to secure your business today.

Best Practices

Best Practices and Tips for Securing Your Cherwell Account

 

Best Practices and Tips for Securing Your Cherwell Account

 

Securing your Cherwell account is essential to protect your organization's data and maintain operational integrity in an environment where cyber threats are constantly evolving. Implementing the following best practices will help safeguard your Cherwell platform and sensitive information:

  • Create a strong, unique password – Use a password with at least 12 characters, combining uppercase and lowercase letters, numbers, and special symbols. Avoid easily guessable information such as names or dates.
  • Change passwords regularly – Update your Cherwell password every 60-90 days to reduce the risk of unauthorized access. Do not reuse previous passwords or use the same password across different systems.
  • Be cautious with email links and attachments – Phishing attacks targeting Cherwell users can compromise credentials. Always verify the sender’s email address and avoid clicking on suspicious links or downloading unexpected attachments.
  • Monitor account activity – Frequently review your Cherwell account for unusual login attempts or activities from unknown devices or locations. Report any suspicious behavior to your IT security team immediately.
  • Use secure connections – Avoid accessing Cherwell over public or unsecured Wi-Fi networks. When necessary, use a VPN to encrypt your internet connection and protect your data from interception.
  • Keep your devices updated and protected – Ensure your computers and mobile devices have the latest security patches and antivirus software installed. Never leave devices unattended while logged into Cherwell.
  • Log out after use – Always sign out of your Cherwell account when finished, especially on shared or public computers. Simply closing the browser does not end your session securely.
  • Limit access permissions – Only request and maintain the minimum necessary permissions for your role. Excessive access rights increase the risk if your account is compromised.
  • Enable account alerts – Set up notifications for critical account events such as password changes, login attempts from new devices, or permission updates to stay informed of potential security issues.
  • Use password management tools – Consider using a trusted password manager to generate and securely store complex passwords, reducing the risk of weak or reused credentials.
  • Be mindful of third-party integrations – Only authorize integrations with Cherwell from trusted sources and when absolutely necessary, as each connection can introduce security vulnerabilities.

If you suspect your Cherwell account has been compromised, immediately change your password and notify your IT security team. Organizations seeking to strengthen their Cherwell security posture may benefit from consulting with cybersecurity experts for tailored assessments and best practice implementations.

Remember, maintaining Cherwell account security is a shared responsibility. By following these guidelines and staying vigilant, you can significantly reduce the risk of unauthorized access and protect your organization’s critical information.

Explore Other 2FA/MFA guides

Browse our full suite of 2FA setup guides —or partner with OCD Tech to harden your security.

2FA/MFA

Synology

Learn how to enable 2FA/MFA on your Synology account with this easy step-by-step guide to boost your account security and protect your data.

Learn More

2FA/MFA

JumpCloud

Learn how to enable 2FA/MFA on your JumpCloud account with this easy step-by-step guide and boost your account security in minutes.

Learn More

2FA/MFA

Mimecast

Learn how to enable 2FA/MFA on your Mimecast account with this easy step-by-step guide to boost email security and protect against cyber threats.

Learn More

2FA/MFA

GoToMyPC

Learn how to enable 2FA/MFA on your GoToMyPC account with this easy step-by-step guide and boost your remote access security in minutes.

Learn More

2FA/MFA

NinjaOne

Learn how to enable 2FA/MFA on your NinjaOne account with this step-by-step guide to boost security, protect sensitive data, and prevent unauthorized access.

Learn More

2FA/MFA

Delinea

Learn how to enable 2FA/MFA on your Delinea account with this easy step-by-step guide to boost security and protect your data from unauthorized access.

Learn More
View All

Customized Cybersecurity Solutions For Your Business

Contact Us

Frequently asked questions

What services does OCD Tech provide?

OCD Tech offers a comprehensive suite of cybersecurity and IT assurance services, including SOC 2/3 and SOC for Cybersecurity reporting, IT vulnerability and penetration testing, privileged access management, social engineering assessments, virtual CISO (vCISO) support, IT general controls audits, WISP development, and compliance assistance for frameworks like CMMC, DFARS, and FTC Safeguards.

Which industries does OCD Tech serve?

OCD Tech specializes in serving highly regulated sectors such as financial services, government, higher education, auto dealerships, enterprise organizations, and not-for-profits throughout New England.

How long does an IT security assessment take?

Typically, OCD Tech’s on-site work spans 1–2 days, depending on complexity and number of sites, followed by 1–2 weeks of analysis and reporting to deliver clear, actionable recommendations.

Why should I get SOC 2 compliant?

SOC 2 reporting demonstrates to clients and prospects that an organization follows best-in-class controls over security, availability, processing integrity, confidentiality, and privacy—boosting trust, meeting RFP/due diligence requirements, and helping secure contracts. OCD Tech helps organizations achieve and maintain this compliance.

Can OCD Tech help me with federal cybersecurity regulations?

Yes—OCD Tech provides guidance for compliance with DFARS (NIST 800‑171), CMMC (Levels 1–3), and FTC Safeguards, ensuring organizations meet specific government or industry-based cybersecurity mandates.

What is a virtual CISO (vCISO), and do I need one?

A virtual CISO delivers strategic, executive-level cybersecurity leadership as a service. OCD Tech’s vCISO service is ideal for organizations lacking a full-time CISO and helps build programs, define policy, oversee risk, and guide security maturity.

Does OCD Tech offer ongoing security training or audits for staff?

Absolutely. OCD Tech provides tailored internal IT Audit training and security awareness sessions, plus annual reviews of Written Information Security Programs (WISP), such as Massachusetts 201 CMR 17 and other state or industry-specific controls.

Audit. Security. Assurance.

IT Audit | Cybersecurity | IT Assurance | IT Security Consultants – OCD Tech is a technology consulting firm serving the IT security and consulting needs of businesses in Boston (MA), Braintree (MA) and across New England. We primarily serve Fortune 500 companies including auto dealers, financial institutions, higher education, government contractors, and not-for-profit organizations with SOC 2 reporting, CMMC readiness, IT Security Audits, Penetration Testing and Vulnerability Assessments. We also provide dark web monitoring, DFARS compliance, and IT general controls review.

Contact Info

OCD Tech

25 BHOP, Suite 407, Braintree MA, 02184

844-623-8324

https://ocd-tech.com

Follow Us

Videos

Check Out the Latest Videos From OCD Tech!

Services

SOC Reporting Services
SOC 2 ® Readiness Assessment
SOC 2 ®
SOC 3 ®
SOC for Cybersecurity ®
IT Advisory Services
IT Vulnerability Assessment
Penetration Testing
Privileged Access Management
Social Engineering
WISP
General IT Controls Review
IT Government Compliance Services
CMMC
DFARS Compliance
FTC Safeguards vCISO

Industries

Financial Services
Government
Enterprise
Auto Dealerships