FAQ for Users: JumpCloud Protect

If your Admin enables it, you can download the JumpCloud Protect® mobile app to secure your accounts using Multi-Factor Authentication (MFA). The app can be downloaded from the iOS App Store or the Google Play Store. Once you have downloaded the app and successfully enrolled your device, you can authenticate using Push MFA or Verification (TOTP) Code MFA, see MFA Guide for Admins to learn more. 

This  article answers common questions and offers suggestions to troubleshoot any issues that may arise during your use of JumpCloud Protect. 

Where can I download JumpCloud Protect?

JumpCloud Protect can be downloaded from the iOS App Store or the Google Play Store.

My notifications did not display on my Android device.

On Android devices, Push notifications do not wake the device from sleep, though a sound may play if enabled. You will need to wake the device before interacting with the Push notification.

Can I run JumpCloud Protect on a tablet?

The JumpCloud Protect app may run on a tablet but is not optimized for tablets at this time.

I can’t complete enrollment.

There are a number of reasons why this may occur. Some common reasons, and solutions, include:

Can I enroll multiple devices at once?

No. Currently, you can only enroll one device at a time with JumpCloud Protect.
When enrolling a new device, you must enroll the new device before wiping the old one or log in using another factor. If those steps are missed you will have to contact your admin.

If I enroll in Push MFA, am I automatically enrolled in Verification Code MFA?

No. You need to enroll in each type of MFA separately.

Can I transfer my Push MFA enrollment to another device?

No, enrollments cannot be transferred. When you enroll a new device through the JumpCloud User Portal, the old device is automatically unenrolled.

I did not receive a push notification on my device.

Ensure the following:

  • Your device is not in airplane mode and your Wi-Fi network is receiving data. 
  • That your device is on a cellular network.
  • The cellular data is turned on.
  • The notifications are turned on for the JumpCloud Protect app.
  • The clock on your device is automatically set. If the clock is not automatic, the notification will be received but may be expired.
I traveled outside of the country and now can’t receive notifications.

In order to receive push notifications, your phone must be able to connect to a network, either Wi-Fi or data.

Additionally, push notifications on Android devices may not work in countries such as China because the Google Cloud Messaging (GCM) service may be blocked.

What if I have wiped my device?

If you have configured an alternate MFA method such as TOTP or WebAuthn, you can use that method to log into your User Portal and remove Push enrollment. If you have not set up an alternative factor, you should contact your Admin and have them contact JumpCloud.

What data does JumpCloud Protect collect?

JumpCloud Protect will collect certain diagnostic and usage data for troubleshooting issues and continuous app improvements. No user information is collected.

Can I stop diagnostic and usage data collection on my device?

Yes. In the JumpCloud Protect app, you can opt out of diagnostic and usage data collection from the Settings > Privacy screen.

I already enrolled in Verification Code MFA through Google Authenticator/Authy/Duo. Can I continue to use that?

Yes. If you decide to use JumpCloud Protect for verification code MFA in the future, you need to enroll in it using your JumpCloud User Portal. Once you do so, your current Verification code MFA will be reset and you will have to use JumpCloud Protect.

I am not receiving push notifications.

Here is some troubleshooting to ensure you receive push notifications: 

  • Verify that your device is not in "Do Not Disturb" mode.
  • Ensure that your device is connected to Wi-Fi or data, and that your connection is strong enough to receive notifications.
  • Ensure that the JumpCloud Protect app has permission to receive push notifications. This can be enabled under your device’s Settings screen.
  • Restart your device and try to receive a notification again.
  • Contact your org’s Admin.
Biometric Login is not working.
  • Touch ID could fail because of a wet finger or something similar. You can revert to using passcode or can try TouchID again.
  • Face ID could fail for multiple reasons (awkward positioning, mask-wearing). You can revert to using passcode or can try Face ID again.
  • If Biometric is still not working you should use a different factor such as TOTP or webauthn.
How can I protect against Push Bombing and MFA Fatigue attacks?

Push Bombing is a hacking method of triggering multiple 2FA attempts using push notifications until the user may accept the request accidentally.  MFA Fatigue is the term for when, due to multiple 2FA requests, a user accepts the fraudulent request out of frustration. Here are ways to protect yourself against  an attack:

  • Make sure you are following a strong password policy.
  • Enable biometric on your device and ask your administrator to enable it for JumpCloud Protect.
  • Verify application and location information before approving a push request. Location information does not have 100% accuracy, especially at the city level. If you suspect a request is fraudulent, deny the request and notify your IT admin.

Important:

JumpCloud protects against fraudulent push attempts by blocking more than one notification per resource within a sixty second timeout period (the number of maximum concurrent attempts can be changed by an Admin). You can try again after the timeout or after you have approved or denied the initial request. 

Notifications which might have been lost due to a bad network or accidental deletion will still be fetched; users don’t have to re-send the notification for those scenarios.

Back to Top

Still Have Questions?

If you cannot find an answer to your question in our FAQ, you can always contact us.

Submit a Case