Securing your Mews Operations user accounts

In Mews Operations, you can configure security settings to protect user accounts and your property data. To help prevent unauthorized access and data use, ensure that all users follow security best practices. Following all security measures also helps you comply with data privacy laws and standards during audits. Set up security settings correctly to help protect against unauthorized access to:  

  • User account information, for example, employee data. 
  • Sensitive property and financial data.  
  • Guest data. 

 

To ensure maximum security of your user accounts, Mews:

  • Enforces two-factor authentication (2FA) as mandatory, or lets you use Single Sign-On (SSO) across your property account. You can learn more about 2FA below. 
  • Requires you to verify your identity to re-authorize your Mews account each time you:

 

Note:

  • Your Mews user account password needs to consist of 12 characters and include symbols or special characters. You can learn more here
  • The Mews login, reset password, and 2FA login screens automatically adjust to match your browser’s language settings. If your browser language is other than the 5 core languages of Dutch, English, French, German, or Spanish, the screen defaults to English. 
  • You might hear the 2FA link via email referred to as a “magic link”. It is a validation link the system sends via email as a second step of the two-factor authentication.

 

In this article you can learn about the following:

 

Account security options in Mews Operations

You can check your security level and apply available security features in the Security screen in Mews Operations. Review your current protection status and follow tips to increase your account security.

To do so:

  1. In Mews Operations, go to the main menu Menu arrow right > Settings > Security > Overview tab.

Security recommendations screen

 

Security overview

Under Security overview, Mews displays the following information:

  • Security level: The overall security level of your property. You can find out more about security levels in the table below:
LevelSmall properties (under 20 users)Large properties (over 20 users)
Low
  • 6 or more property users with admin access
  • Over 30% of property users with admin access
Medium
  • Between 4 and 5 property users with admin access
  • AND either:
    • SSO active AND 2 or fewer property users with exceptions from 2FA
    • OR Device authentication active
    • OR 2FA enforced to email AND 2 or fewer property users with exceptions from 2FA
    • OR over 60% of property users logged in with passkeys AND 1 or fewer property users with exceptions from 2FA
  • Between 15-29% of property users with admin access
  • AND either:
    • SSO active AND under 20% of property users with exceptions from 2FA
    • OR Device authentication active
    • OR 2FA enforced to email AND under 20% of property users with exceptions from 2FA
    • OR over 60% of property users logged in with passkeys AND under 20% of property users exceptions from 2FA
High
  • Between 3 and 4 property users with admin access
  • AND either:
    • OR SSO active AND device authentication active AND 1 or fewer property users with exceptions from 2FA
    • OR 2FA enforced to email AND device authentication active AND 1 or fewer property users with exceptions from 2FA
    • OR over 80% of property users logged in with passkeys AND 1 or fewer property users with exceptions from 2FA
  • Under 15% of property users with admin access
  • AND either:
    • OR SSO active AND device authentication active AND under 10% of property users with exceptions from 2FA
    • OR 2FA enforced to email AND device authentication active AND under 10% of property users with exceptions from 2FA
    • OR over 80% users logged in with passkeys AND under 10% of property users with exceptions from 2FA
Very high
  • Between 1 and 2 property users with admin access
  • AND either:
    • SSO active for all users
    • OR SSO active AND device authentication active AND no exceptions from 2FA
    • OR 2FA enforced to email AND device authentication active AND no exceptions from 2FA
    • OR all users logged in with passkeys AND no exceptions from 2FA
  • Under 10% of property users with admin access
  • AND either:
    • SSO enforced for all domains
    • OR SSO active AND device authentication active AND no exceptions from 2FA
    • OR 2FA enforced to email AND device authentication active AND no exceptions from 2FA
    • OR all users logged in with passkeys AND no exceptions from 2FA

 

  • User accounts secured: The percentage of user accounts secured when you activate 2FA or trusted device authorization.
  • Users logged in with passkeys: The percentage of users logging in with passkeys.
  • Property users with admin access: The number of property users with admin access privileges.
  • Security features activated: The number of security features active. Note: Mews counts only features available to configure
  • Security recommendations: These are recommendations based on your property’s current security level. You can click the relevant links to update specific security settings, such as, reviewing admin users or requiring passkeys for all users.

Security recommendations screen

 

Security features

You can apply available security features in the Security settings screen.

 

You can set up to protect your own user account: 

  • Passkeys: Passkeys are a secure and easy way to log into your Mews account without relying on email or two-factor authentication. You create a passkey once and use it to access your account from devices like your phone, browser window, or tablet. Learn more in the help article how to create passkeys for your Mews account. 

 

To protect Mews user accounts, and promote maximum security, the system enforces two-factor authentication (2FA) as mandatory for all Mews accounts:  

  • Enforced two-factor authentication (2FA): Two-factor authentication (2FA) in Mews means signing into your Mews account in two steps; first with your login password and then authenticating your account by clicking a link via email, or an entering an authentication code generated by an authenticator app. You can learn more about 2FA below.

Your system admin can set up the following security measures in Mews Operations:  

 

Note: Only user accounts with Admin permissions have access to your properties' security options. 

 

Passkeys

Passkeys are a secure and easy way to log into your Mews account without relying on email or two-factor authentication. You create a passkey once and use it to access your account from devices like your phone, browser window, or tablet. Learn more in the help article how to create passkeys for your Mews account. 

     

    Two-factor authentication (2FA)

     

    Two-factor Authentication (2FA) verifies user identity and controls access to Mews Operations. It requires two forms of authentication to access resources and data. 2FA means users sign into their Mews account in two steps:

    1. Their username and password
    2. A second authentication method:

     

    This is to add an extra layer of security to your Mews property account. Mews recommends activating 2FA via email and following all recommended security best practices. 

     

    To ensure maximum security of your Mews user accounts, the system enforces two-factor authentication as mandatory for Mews accounts. User accounts are more secure when users sign in using both a password and secure email link, or authentication code.

     

    Even if the password is compromised, the system blocks access without email verification, or a one-time 6-digit authentication code.  

     

    For specific roles where two-factor authentication is not possible, you can create a 2FA exception list. You can learn more here.  

     

    You can learn more about the 2FA login journey in Mews here

     

    Trusted Device Authorization 

    Note: Properties that enforce Single Sign-On (SSO) do not require device authorization. 

     

    This feature enhances account security by ensuring that only approved devices can access a particular Mews account. You can authorize multiple devices as trusted when logging in to Mews. Enable this feature when you first access Mews from a new device or location, using the link shared with you via email to approve each device securely.  

     

    You can manage your trusted devices via your account settings and remove them to remotely log out of a device. You can learn more Trusted Device Authorization here.   

     

    Identity Access Management is a product you can purchase for your Mews account, that helps you securely manage your users, roles, permissions, access rights and more. It helps increase security on your Mews property or portfolio account, and that of your users.  

     

    It includes: 

     

     

     

    Was this article helpful?
    00



    Feedback