Siga las instrucciones aquí para traducir esta página a otro idioma usando Chrome.
Multi-factor authentication (MFA) adds an extra layer of security to the HealthSherpa account by requiring a second verification step at login.
In this article we'll cover:
Enabling MFA
As of August 13, 2025, the Centers for Medicare & Medicaid Services (CMS) requires multi-factor authentication (MFA) to be set up for agents to access the HealthSherpa account.
The first time an agent logs in after creating an account, they will be prompted to set up MFA. Agents can also manage MFA from the Settings page.
From the Two-factor authentication page, select the desired authentication method to proceed.
Selecting an authentication method
From the Two-factor authentication page, agents choose how they would like to receive their authentication code at future logins. Agents can choose to receive authentication codes by text or by using an authenticator app.
Select the Set up button next to the desired authentication method.
Text messages
Text messages
Select the Set up button next to Text message. The Text message two-factor authentication page will load.
Enter your mobile phone number then select the 'Send code' button.
A success banner will appear at the top of the screen. A text message containing an authentication code will be sent to the phone number provided.
Enter the authentication code into the Auth code field.
Then, enter the current HealthSherpa account password into the Current password field. This is the same password used to log in to the HealthSherpa account.
Select Enable two-factor auth to finalize MFA setup. Recovery codes will be displayed. Save these codes in a secure location. Select Done when ready to proceed.
The two-factor authentication page will reload. To also set up the authenticator app method, select Set up next to Authenticator app.
Authenticator app
Authenticator app
Select the Set up button next to Authenticator app. The Authenticator app two-factor page will load.
Download the Google Authenticator app to your mobile device, then open the app and scan your unique QR code. A 6-digit authentication code will appear in the Google Authenticator app.
Enter the authentication code into the Auth code field.
Then, enter the current HealthSherpa account password into the Current password field. This is the same password used to log in to the HealthSherpa account.
Select Enable two-factor auth to finalize MFA setup. Recovery codes will be displayed. Save these codes in a secure location. Select Done when ready to proceed.
The two-factor authentication page will reload. To also set up text message authentication, select Set up next to Text message.
Select Back to settings to return to the dashboard.
Using MFA
After MFA is enabled, agents will be prompted for two things at each login:
Email address & password
An authentication code
Accessing recovery codes
If access to a mobile phone is lost (for example, if it is lost, broken, or uncharged), the authentication code required at login may not be accessible. In these situations, a recovery code is needed to log in to the account.
Recovery codes are displayed after MFA is successfully enabled. These codes are unique to the HealthSherpa account. Save them in a secure location.
To access recovery codes at any time, go to the Two-factor authentication page by following the steps in the Updating MFA settings section below. Then select View codes.
Updating MFA settings
MFA settings can be updated from the Settings page at any time after logging in.
Selecting Edit authentication from the Two-factor authentication section will relaunch the Two-factor authentication page where updates will be possible.
Frequently asked questions
Is MFA required?
Yes. As of August 13, 2025, CMS requires MFA to be set up in order to access the HealthSherpa account.
Do agents need to enable MFA more than once?
No. Agents only need to enable MFA one-time. If the agent has multiple HealthSherpa accounts, the agent will be required to enable MFA for each account.
Additional resources
For help using HealthSherpa or for other assistance, contact Agent Support. Agent Support is available by phone at (888) 684-1373, by email at Agent_Support@HealthSherpa.com, or by chat directly from your account.