Multi-Factor Authentication
Multi-Factor Authentication (MFA) is an enhanced security system that verifies a user’s identity by requiring two or more forms of authentication. Rather than just asking for a username and password, MFA requires additional credentials, such as a code from the user’s smartphone.
MFA is an effective way to provide increased security. Usernames and passwords can be stolen, and they have become increasingly susceptible to brute force attacks. MFA creates multiple layers of security to help increase the confidence that the user requesting access is actually who they claim to be.
With MFA, even if an attacker manages to learn the user's username and password, it is useless without also having possession of the additional authentication method. In OneStop Reporting, MFA works by requiring two authentication methods:
- Something you know (username and password)
- Something you have (an authenticator app on your mobile device)
What is an authenticator app and how does it work?
An authenticator app is usually installed on a smartphone and you scan a barcode or enter a key to create an account. After the account is created, the authenticator app generates a 6-8 digit passcode every 30 seconds. The passcode can, for example, be used for login as an extra authentication method in addition to a username and password.
The passcodes are generated from a secret code that is shared between the service you are using, such as OneStop Reporting, and your device, as well as the current time.
Google Authenticator app example
Where can I get an authenticator app and which one should I use?
There are a variety of authenticator apps you can download to your phone from Google Play and the IOS App Store, but we recommend that you use Google Authenticator or Microsoft Authenticator, as those are the ones we have fully tested our MFA solution on.
For more information about installing and setting up an Authenticator app, see Install and set up Authenticator app
How can I get MFA in OneStop Reporting?
In OneStop Reporting, users can set up MFA from their user settings. In addition, administrators can enforce an MFA policy for all end users. See the user procedures below for more information:
User procedures
(Option 1)
Administrator at top level enables Multi-Factor Authentication (MFA) policy for all users
- Go to Administration
- Go to the Customer settings tab.
- Under Security settings, click ✏️ Edit.
- Under Portal sign-in, select ✅ the Multi-factor authentication checkbox.
Multi-Factor Authentication (MFA) policy is now enabled for this organization. All users must use MFA to sign into the underlying tenants and groups.
User sets up MFA
If your administrator has enabled a Multi-Factor Authentication (MFA) policy for your organization, you will receive a message:
Your organization's security policy requires you to set up Multi-Factor Authentication (MFA) for your account.
- Click Next.
- Install an authenticator app on your mobile device. NOTE: You can, for example, use Microsoft Authenticator or Google Authenticator.
- Scan the image on the screen into your authenticator app. NOTE: If you cannot scan the image, you can enter the code you see under If you are unable to scan….
- In the Code field, enter the code from your authenticator app.
- Click Verify.
You have now set up MFA for your OneStop Reporting user profile. The next time you sign in to OneStop Reporting portal, you must enter your username and password, and then enter a verification code from your authentication app.
User signs in to OneStop Reporting with Multi-Factor Authentication
- In the Username/Email field, enter your email or username.
- In the Password field, enter your password.
- In the Verification code dialog, enter the code from your authenticator app.
- Click Verify.
If you do not have a verification code, click the Do not have a code? link to read more about the MFA setup.
(Option 2)
User enables and sets up Multi-Factor Authentication
- In the upper right-hand corner, click User options > My Profile.
- Under Security, turn on the Enable Multi-Factor Authentication switch.
- Install an authenticator app on your mobile device. NOTE: You can, for example, use Microsoft Authenticator or Google Authenticator from Google Play or App Store.
- Scan the image on the screen into your authenticator app. NOTE: If you cannot scan the image, you can enter the code you see under If you are unable to scan….
- In the Code field, enter the code from your authenticator app.
- Click Verify.
You have now set up MFA for your OneStop Reporting user profile. The next time you sign in to OneStop Reporting portal, you must enter your username and password, and then enter a verification code from your authenticator app.
If you want to see a video on how to set up MFA on your account, click here.
User signs in to OneStop Reporting with Multi-Factor Authentication
- In the Username/Email field, enter your email or username.
- In the Password field, enter your password.
- In the Verification code dialog, enter the code from your authenticator app.
- Click Verify.
If you do not have a verification code, click the Do not have a code? link to read more about the MFA setup.