Understanding Multi-Factor Authentication (MFA)

Multi-Factor Authentication (MFA) is a security feature that adds an extra layer of protection to your account beyond just a password. With MFA enabled, you'll need to provide two or more verification factors to gain access to your account, making it significantly more difficult for unauthorized users to gain access, even if your password is compromised.

How MFA Works

When you log in with MFA enabled, the process typically follows these steps:

1. Enter your username and password as usual
2. Provide an additional verification factor
3. Gain access to your account only after both factors are verified

Types of Authentication Factors

MFA relies on different types of verification factors, which generally fall into these categories:

• Something you know: Your password, a PIN, or answers to security questions
• Something you have: A mobile device, security key, or smart card
• Something you are: Biometric data like fingerprints, facial recognition, or voice patterns

Common MFA Methods

Authenticator Apps

Authenticator apps generate time-based one-time passcodes (TOTPs) that change every 30 seconds. Popular options include:

• Google Authenticator
• Microsoft Authenticator
• Authy

SMS or Email Verification

A one-time code is sent to your registered phone number or email address.

Security Keys

Physical devices that connect to your computer (usually via USB) and verify your identity when tapped or inserted.

Push Notifications

Receive a notification on your registered mobile device that you can approve with a single tap.

Biometric Verification

Uses your fingerprint, face scan, or other physical characteristics to verify your identity.

Accessing Your Account with MFA Enabled

First-Time Setup - Note this is only valid for accounts where the client has chosen to turn on MFA

1. Choose your preferred verification method

   • Follow the on-screen instructions to set up your chosen method
   • For authenticator apps, you'll typically scan a QR code
   • For SMS verification, you'll confirm your phone number

2. Save backup codes (recommended)

   • Store these in a secure location
   • Use them if you lose access to your primary verification method

Regular Login Process

1. Enter your username and password

   • Type these into the login page as usual

2. Complete the second verification step

   • If using an authenticator app: Enter the 6-digit code from your app
   • If using SMS: Enter the code sent to your phone
   • If using a security key: Insert and tap your key when prompted
   • If using push notifications: Approve the notification on your device

3. Access your account

   • Once both factors are verified, you'll be logged in

What to Do if You Can't Access Your MFA Device

If you lose access to your authentication device or method:

1. Use backup codes

   • Enter one of your saved backup codes if you have them

2. Contact support

   • Reach out to our support team with your account details
   • Be prepared to verify your identity through alternative means
   • Support contact: [Insert your support email/phone]

3. Account recovery process

   • Follow the account recovery link on the login page
   • Complete the identity verification steps

Best Practices for MFA

• Set up multiple MFA methods when possible
• Keep your authentication apps and devices updated
• Store backup codes in a secure, accessible location
• Don't share your verification codes with anyone
• Consider using a password manager alongside MFA for maximum security

Why MFA is Important

• Passwords alone can be compromised through data breaches or phishing
• MFA protects your account even if your password is stolen
• Many data breaches and account takeovers could be prevented with MFA
• Some regulations and compliance frameworks require MFA

For additional assistance with Multi-Factor Authentication, please contact our support team.