Multi Factor Authentication - A Guide for Users

Rachel Kinkead Updated by Rachel Kinkead

Getting Started

Our MFA Administration tool is now mandatory for all customers (excluding SSO users), providing an extra layer of security for users accessing the Governance and Risk platform.

Now that Multi-Factor Authentication has been enabled for your Organisation, you'll see the setup screens when you next access your account.

You'll be prompted to select a method by which to receive the Authentication codes - the default is SMS (text message) but your account Administrator will choose the method(s) available to you.

Once you enter your mobile number and click Continue, you'll be prompted to confirm the mobile number via an authentication code.

The Authentication code can now be entered in this screen:

If the ‘Trusted Device’ option has been enabled by your account Administrator, you can choose to mark your current device as trusted (this means that next time you log in, the MFA step will not need to be completed).

Events such as browser updates or clearing cookies will reset the trusted device period and you'll encounter the MFA screen when you next log in.

In the next screen, you have the opportunity to note a recovery code, should there ever be an occasion where MFA codes aren’t coming through via, or you lose access to, email and/or SMS. We recommend you copy this code then store it in a safe and secure location.

You can enter a backup number at this point, or this can be done later via My Account. In the My Account page, you can check or update your MFA preferences at any time. Should you lose access to your email or primary mobile number, you'll be able to login by generating a code to the backup method.

Once the initial setup options have been selected, you will encounter the main MFA screen upon subsequent logins. For example, if both SMS and email have been activated, you can choose which medium you want to receive the authentication code by. In this example, the user can choose to receive the code via email instead:

You’ll be given the option to send the authentication code to the email address configured during the setup stages, and click Continue to generate the code:

The code received in the email is then entered to the Authentication Code boxes, in the same way as SMS generated codes:

Changes you can make

In the My Account screen, users have the ability to update their own Multi-Factor Authentication preferences, depending on what's been allowed by the System Administrator. As MFA is mandatory, everyone is required to have at least one method selected.

A backup mobile number can be added or updated here, and a new Recovery code can be generated, if you have used or lost the one generated during MFA setup.

Troubleshooting

Codes not coming through to your mobile?

Sometimes mobile carrier issues can mean there's a delay in text messages getting through. If this ever happens and you're not receiving your codes as expected, you can:

  • select a different method (if you have the email option instead)
  • use the one-time rescue code you saved during setup
  • ask your account Administrator to send you a MFA rescue code

Once you have access to your account again, go to My Account and check your MFA details.

Forgot to save your rescue code or need a new one?

In My Account, you can generate a new rescue code, if you have used it, or if you didn't save/have misplaced the original generated during setup. Try to save it somewhere safe and don't worry, your account Administrator can always send you one if you're stuck.

Was this article useful?

Support is Evolving

Contact