Firm users with administrator permissions can invite, require, and reset multi-factor authentication (MFA) for other firm users on the Clio Manage account. Users who have not yet enabled MFA after MFA became mandatory in January of 2026 will be required to do so on their next login.
Important: Only users with administrator permissions and the primary subscriber on the account can see the MFA status of active users at their firm and perform the actions below.
Invite users
- Go to Settings > Security & Compliance > Firm Security.
- For those users who have not yet enabled MFA, you can click Invite to enable MFA in the Actions column. This action will send the user an email requesting that they turn on MFA with instructions on how to do so.
- Optional: Click Send reminder to send the invited user a reminder.
Reset MFA
If a firm user is locked out of their Clio account and they are unable to sign in or use any backup codes, an administrator can reset MFA on their account as long as the administrator has MFA enabled on their own account first.
Important: An administrator cannot reset MFA on the primary subscriber’s account. If this method does not work, the user will need to contact Clio's support team to proceed with the account recovery process. Learn more here.
- Go to Settings > Security & Compliance > Firm Security.
- For the relevant user, in the Action column, click Reset MFA.
- Read the warning in the modal, and after confirming the reset request is legitimate, check the box confirming that you want to reset MFA. Then click Reset MFA. This action will send the user an email requesting that they reset their password and the instructions for how to do it
Tip: If a user runs out of backup codes, resetting MFA will produce a new set of backup codes.