What is Multi-Factor Authentication (MFA)?
MFA is a security measure that requires users to provide two or more forms of identification before gaining access to an account or system. This typically involves something you know (like a password), something you have (like a smartphone or security token), and something you are (like a fingerprint).
Why is MFA being enforced?
MFA is being implemented to enhance the security of your user account and protect sensitive information from unauthorised access. It adds an extra layer of protection beyond just a password.
Is special hardware required to use MFA?
An authentication app or a browser extension would be required for the additional authentication method. Many authentication apps are free and can be installed on a smartphone, laptop or desktop PC.
What are the available MFA methods?
There are a multitude of free authenticator applications out there that can be used. The list below shows some of the popular applications that may meet your requirements to complete OneTimePassword support. Please check any licensing or other concerns with your IT providers.
| App Name | Available on | Download |
| Microsoft Authenticator | Phone app only | Download Here |
| Google Authenticator | Phone app only | Download Here |
| Authy | Phone app only | Download Here |
| 2 Factor | Desktop & Phone app | Download Here |
| WinAuth | Desktop app only | Download Here |
| Microsoft Edge authenticator | Browser extension | Download Here |
Can I use alternative ways to authenticate, such as SMS or email?
No, only authentication applications or browser extensions are permitted.
Our hotel has policies that forbids the use of phones on the front desk?
Don’t worry we have you covered with desktop and browser extension authenticator options, that can be downloaded onto your work computer or laptop.
Will I have to enter the authentication code on every log in?
No, there is a prompt on the login screen to remember the device for 30 days. If selected then a code will only be required upon log in every 30 days.
What happens if I have misplaced my authentication device (i.e. forgot/lost my phone)?
If you are unable to access your MFA device, your system administrator (someone with MFA enabled and access to user management options) can either temporarily disable MFA for you, or they can reset MFA on your account so you can enrol a new device. To note it is vital that you save the recovery code when prompted through the enrolment, to make this process as smooth as possible.
How is MFA disabled if I no longer want to use it?
Where possible MFA should not be disabled unless you are wanting to set up a different verification method. If deactivated, and you have access to the User management options, be aware these will no longer be available to use when MFA is disabled. Also, please note that disabling MFA will significantly reduce the security of your account. If needs be, MFA can be disabled via the user management page in SSO.
What can be done if I am having trouble with MFA?
You can check the following:
- Check that their MFA device or app is functioning correctly.
- Ensure they are entering the correct code.
- Ensure that the code being entered is current.
- Check the MFA device time settings are correct.
Is MFA information secure?
Yes, MFA information is encrypted and handled securely. The additional layer of verification helps protect the account from unauthorised access.
How does MFA protect user accounts?
MFA adds an extra layer of security beyond a password, making it significantly harder for unauthorised users to gain access to your account, even if they have the correct password.
Comments
0 comments
Article is closed for comments.