Multifactor Authentication

Training Team

Modified on: Thu, 30 May, 2024 at 10:57 AM

Multi factor authentication (MFA) means your users are prompted during the sign-in process for a code in an authenticator app. This industry standard layered security reduces the risk of your user's credentials being hacked or misused.

If you require this to be enabled on your portal, please contact your account manager.

How to initiate MFA

Head to the CTU page and select the MFA option on each user you wish to use this form of secure login.

Fig1. CTU with option highlighted on editing tab of a user.

Using MFA

When MFA is on for a user, the first time they access the portal to login, they enter their username and password as usual. They then have 2 options to use MFA.

Option 1

They are prompted to configure MFA via QR code. This involves them scanning the QR code with a device and setting up an account on an authentication app.

Fig2. User prompt with QR code.

Authentication Apps for QR Codes

Multiple apps are available but the most common are the Microsoft Authenticator and the Google Authenticator (Available on Android and Apple devices). Apple phones also have an Authenticator app built in.

Simply install an app then use it to add an account and scan the QR code. This will then give you the one time code required to login to MaxContact.

Option 2

If your users don't have devices to scan a QR code when at their desks, by clicking the 'trouble scanning' option, users can generate a code to enter into a desktop app which will give them their one time password to use for logging in.

Fig3. User prompt with QR code.

Once users have done this, they are logged in. The next time they come to login, instead of the QR code, they will be asked to enter their one time code to login (after entering their username and password). This will be generated by the authenticator app they are using and once input, grants them access.

Fig4. MFA login once setup on an authenticator app.

Reset a users MFA

Once MFA is setup on a user, admin users have the ability to reset it. This is for any users that need to rescan the QR code if they have changed their phone for example or are having issues with MFA. Instead of the usual screen asking them for their one time code, they will see the original MFA screen as shown in Fig2 or Fig3 above.

To reset a users MFA, simply click the button next to MFA in the CTU.

Also, if an admin changes the users password in the CTU or the user gets locked out due to failing a password policy on MaxContact, their MFA will be reset. If a user changes their password manually, this does not reset their MFA.

If MFA is reset, the user will need to re-scan a QR code/enter a code again to access the system.

Fig5. MFA reset button on the CTU page.