Using Multi-Factor Authentication for user login
Multi-factor authentication (MFA) is a multi-step login process that requires a user to enter more information than just a password, adding an extra layer of security to the authentication process.
Multi-factor authentication (MFA) is available in Assure for users who authenticate with a username and password. When it is enabled, users are emailed a one-time passcode that they must enter to log in.
You can enable MFA for the main Assure system and for the AssureGO+ mobile app independently. Enabling MFA for AssureGO+ applies to all your instances of AssureGO+.
Once MFA is enabled, your users will need access to the email account linked to their user profile to log in, so consider whether your AssureGO+ users will have this access when they are using AssureGO+ around sites.
Setting up MFA:
- MFA must be enabled in the Assure System Settings by the Evotix team. Please raise a ticket through the Evotix Support Portal to request MFA to be enabled.
- Users must have unique email addresses to use MFA.
- Login Management must be used. If you do not currently use this you will need to set this up.
Go to Settings > System Settings > Password and Login Management and check ‘Use Login Management’ in the Assure System Settings.
You can set the following options:
- You can set the number of times a user can enter an incorrect password and MFA code, to a maximum of 10 times.
- You can specify the time limit for incorrect log-in attempts.
- You can specify how long a user account is locked for if they enter the incorrect log-in details too many times.
- You have the option to choose an email address to be notified if a user account is locked. You may choose to add a System Administrator here, because System Administrators can manually unlock user accounts via User Management if required.
- In the example below, a user has 5 attempts within 1 minute to log in correctly. If they fail, their account will be locked for 1 minute. After waiting 1 minute, they can try again.
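The three lockout settings above interact, and the added Python example below (not Evotix code) models them to show how many incorrect entries are still evaluated per day, and what that means for the 6-digit emailed code, under a given lock duration. The sliding-window counting, the one-entry-per-second rate, the 15-minute comparison value and all names are assumptions, not documented Assure behaviour.

```python
from dataclasses import dataclass, field

MAX_ATTEMPT_SETTING = 10   # the page caps the attempts setting at 10
CODE_SPACE = 10 ** 6       # 6-digit emailed code
DAY_S = 86_400

@dataclass
class LockoutPolicy:
    max_attempts: int      # incorrect password/MFA code entries allowed
    window_s: int          # time limit for incorrect log-in attempts
    lock_s: int            # how long the account stays locked
    failures: list = field(default_factory=list)
    locked_until: float = 0.0

    def __post_init__(self):
        if not 1 <= self.max_attempts <= MAX_ATTEMPT_SETTING:
            raise ValueError("max_attempts must be between 1 and 10")

    def record_failure(self, now: float) -> str:
        """Register one incorrect entry at time `now` (seconds)."""
        if now < self.locked_until:
            return "rejected"          # account locked: entry not evaluated
        # Assumption: failures are counted over a sliding window.
        self.failures = [t for t in self.failures if now - t < self.window_s]
        self.failures.append(now)
        if len(self.failures) >= self.max_attempts:
            self.locked_until = now + self.lock_s
            self.failures.clear()
            return "locked"
        return "failed"

def evaluated_failures_per_day(max_attempts, window_s, lock_s):
    """Wrong entries actually checked in 24 h at one entry per second."""
    policy = LockoutPolicy(max_attempts, window_s, lock_s)
    return sum(policy.record_failure(float(t)) != "rejected"
               for t in range(DAY_S))

def daily_guess_bound(max_attempts, window_s, lock_s):
    """Union bound on one 6-digit code being guessed within a day."""
    n = evaluated_failures_per_day(max_attempts, window_s, lock_s)
    return min(1.0, n / CODE_SPACE)

if __name__ == "__main__":
    for lock_s in (60, 900):   # page's example vs. a constructed 15 min lock
        print(lock_s, evaluated_failures_per_day(5, 60, lock_s),
              daily_guess_bound(5, 60, lock_s))
```

With the page's example settings (5 attempts, 1 minute window, 1 minute lock) the model evaluates 6750 incorrect entries per day; the constructed 15-minute lock reduces that to 480.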
When MFA is enabled, users will enter their Assure username and password:
After selecting the ‘Log in’ button, they will be presented with the screen to enter the 6-digit code, which is sent via email to the email address linked to their user account.
If they don’t receive the email, users have the option to re-send the verification email. Please note that using the re-send option sends the user a second email with a NEW verification code.
If a user is having some difficulties logging in with MFA, or they cannot access their emails, System Administrators have the option to generate the MFA code on behalf of the user. This code can then be shared with the user to allow them to log in:
Note: you will only see the option to generate a code where this applies. For example, if you choose to enable MFA for Assure only, this option will not be available for AssureGO+ only users.