Multi Factor Authentication - A Guide for Users

Rachel Kinkead Updated by Rachel Kinkead

Getting Started

Our MFA Administration tool is now mandatory for all customers (excluding SSO users), providing an extra layer of security for users accessing the Governance and Risk platform.

Now that Multi-Factor Authentication has been enabled for your Organisation, you'll encounter the setup screens when you next access your account.

You'll be prompted to select a method by which to receive the Authentication codes; the default is SMS (text message) but your account Administrator will choose the method(s) available to you.

A screen shot of the MFA enabled screen.

Once you enter your mobile number and click Continue, you'll be prompted to confirm the mobile number via an authentication code.

Confirm your device. Send a code then Continue.

A screen shot of a text message containing the authentication code.

The Authentication code can now be entered in this screen:

Window with boxes asking user to enter the 6-digit authentication code.

If the ‘Trusted Device’ option has been enabled by your account Administrator, you can choose to mark your current device as trusted (this means that next time you log in, the MFA step will not need to be completed).

Events such as browser updates or clearing cookies will reset the trusted device period and you'll encounter the MFA screen again when you next log in.

"Remember this device?" popup asking if this is a trusted device. Checkbox to confirm and Continue button to move to next step.

In the next screen, you have the opportunity to note a recovery code, should there ever be an occasion where MFA codes aren’t coming through via, or you lose access to, email and/or SMS. We recommend you copy this code then store it in a safe and secure location.

"Verification complete" confirmation screen with one-time rescue code. Buttons to copy code and Continue.

You can enter a backup number at this point, or this can be done later via My Account. In the My Account page, you can check or update your MFA preferences at any time. Should you lose access to your email or primary mobile number, you'll be able to login by generating a code to the backup method.

Option to add a backup mobile number with a field to enter the number and a dropdown to select the country code. Buttons to skip this step or to verify back up number.

Once the initial setup options have been selected, you will encounter the main MFA screen upon subsequent logins. For example, if both SMS and email have been activated, you can choose which medium you want to receive the authentication code by. In this example, the user can choose to receive the code via email instead:

MFA screen showing options to send code to mobile number or to email.

You’ll be given the option to send the authentication code to the email address configured during the setup stages. Click Continue to generate the code and the email will be sent:

Screen shot of an email containing the verification code.

The code received in the email is then entered into the Authentication Code boxes, in the same way as SMS generated codes:

Window with boxes to enter the 6-digit authentication code.

Changes you can make

In the My Account screen, users have the ability to update their own Multi-Factor Authentication preferences, depending on what's been allowed by the System Administrator. As MFA is mandatory, everyone is required to have at least one method selected.

A screen shot of the MFA section in the My Account screen.

A backup mobile number can be added or updated here, and a new Recovery code can be generated, if you have used or lost the one generated during your initial MFA setup.

Troubleshooting

Codes not coming through to your mobile?

Sometimes mobile carrier issues can mean there's a delay in text messages getting through. If this ever happens and you're not receiving your codes as expected, you can:

  • select a different method (if you have the email option instead)
  • use the one-time rescue code you saved during setup
  • ask your account Administrator to send you a MFA rescue code

Once you have access to your account again, go to My Account and check your MFA details.

Forgot to save your rescue code or need a new one?

In My Account, you can generate a new rescue code, if you have used it, or if you didn't save/have misplaced the original generated during setup. Try to save it somewhere safe and don't worry, your account Administrator can always send you one if you're stuck.

Was this article useful?

Support is Evolving

Contact