What is Multi Factor Authentication, and what do I need to do to access my account.

What is Multi Factor Authentication, and what do I need to do to access my account.

Understanding Multi-Factor Authentication (MFA)

Multi-Factor Authentication (MFA) is a security feature that adds an extra layer of protection to your account beyond just a password. With MFA enabled, you'll need to provide two or more verification factors to gain access to your account, making it significantly more difficult for unauthorized users to gain access, even if your password is compromised.

How MFA Works

When you log in with MFA enabled, the process typically follows these steps:

  1. Enter your username and password as usual
  2. Provide an additional verification factor
  3. Gain access to your account only after both factors are verified

Types of Authentication Factors

MFA relies on different types of verification factors, which generally fall into these categories:

  • Something you know: Your password, a PIN, or answers to security questions
  • Something you have: A mobile device, security key, or smart card
  • Something you are: Biometric data like fingerprints, facial recognition, or voice patterns

Common MFA Methods

Authenticator Apps

Authenticator apps generate time-based one-time passcodes (TOTPs) that change every 30 seconds. Popular options include:

  • Google Authenticator
  • Microsoft Authenticator
  • Authy

SMS or Email Verification

A one-time code is sent to your registered phone number or email address.

Security Keys

Physical devices that connect to your computer (usually via USB) and verify your identity when tapped or inserted.

Push Notifications

Receive a notification on your registered mobile device that you can approve with a single tap.

Biometric Verification

Uses your fingerprint, face scan, or other physical characteristics to verify your identity.

Accessing Your Account with MFA Enabled

First-Time Setup - Note this is only valid for accounts where the client has chosen to turn on MFA

  1. Choose your preferred verification method

    • Follow the on-screen instructions to set up your chosen method
    • For authenticator apps, you'll typically scan a QR code
    • For SMS verification, you'll confirm your phone number
  2. Save backup codes (recommended)

    • Store these in a secure location
    • Use them if you lose access to your primary verification method

Regular Login Process

  1. Enter your username and password

    • Type these into the login page as usual
  2. Complete the second verification step

    • If using an authenticator app: Enter the 6-digit code from your app
    • If using SMS: Enter the code sent to your phone
    • If using a security key: Insert and tap your key when prompted
    • If using push notifications: Approve the notification on your device
  3. Access your account

    • Once both factors are verified, you'll be logged in

What to Do if You Can't Access Your MFA Device

If you lose access to your authentication device or method:

  1. Use backup codes

    • Enter one of your saved backup codes if you have them
  2. Contact support

    • Reach out to our support team with your account details
    • Be prepared to verify your identity through alternative means
    • Support contact: [Insert your support email/phone]
  3. Account recovery process

    • Follow the account recovery link on the login page
    • Complete the identity verification steps

Best Practices for MFA

  • Set up multiple MFA methods when possible
  • Keep your authentication apps and devices updated
  • Store backup codes in a secure, accessible location
  • Don't share your verification codes with anyone
  • Consider using a password manager alongside MFA for maximum security

Why MFA is Important

  • Passwords alone can be compromised through data breaches or phishing
  • MFA protects your account even if your password is stolen
  • Many data breaches and account takeovers could be prevented with MFA
  • Some regulations and compliance frameworks require MFA

For additional assistance with Multi-Factor Authentication, please contact our support team.

    • Related Articles

    • Why Is My Account Still Pending?

      If your Worx Safety account is showing as Pending, don’t worry—this is part of the normal setup process. Here’s what’s happening and what you can do. What does “Pending” mean? Your account has been created, but it hasn’t yet been approved by your ...
    • Approving Contractors: A Step-by-Step Guide to Onboarding

      In this video, I walk you through the contractor onboarding process, where you'll invite contractors to complete their onboarding in our system. Once they finish, you'll receive an email notification, allowing you to review their uploaded documents, ...
    • Creating your new Worker Account

      In this video, I guide you through the process of creating your worker profile after receiving an email to set up your account. You'll need to follow the onboarding journey, input your details, and upload a profile photo, along with any mandatory ...
    • Understanding Permission Levels in Worx Safety

      Introduction Effective management of user permissions is vital for maintaining the security and efficiency of any digital system. In Worx Safety, we offer three distinct levels of user permissions: Admin User, Supervisor, and User. These tiers are ...
    • Site Specific QR Codes Access

      Every time you create a site in Worx Safety, the system automatically generates a QR code to access the site's page. You can download this QR code from the site's details page. This can be useful if you need to create a site sign. STEPS: 1. Log in to ...