This article covers:
- What is Multi-Factor Authentication?
- Security and privacy considerations
- Step-by-step instructions
- Common issues and troubleshooting
- FAQ
What is Multi-Factor Authentication?
Multi-Factor Authentication (MFA) is now an account security option that you opt into at the "user" level.
The purpose of Multi-Factor Authentication (MFA) is to add an extra layer of security to your account by requiring another form of user verification (alongside your password) during the login process.
If you enable MFA for your user, we will activate a requirement to utilize an authenticator app at login.
You must scan the initial QR setup code with your chosen authenticator app - the authenticator setup will not work if you scan the QR code with your camera.
What is an authenticator app?
An authenticator app is a mobile app that generates a time-based single use password to allow access to an account. It will generate a one time, time limited password. These passwords are used to protect accounts from unauthorized access. Any authenticator app should work, but some suggestions are below:
- For organizations that use G-Suite, we suggest using the Google Authenticator app, as you are able to link the data to your work Google Account. The app works on all Android and iOS devices.
- For organizations that use Microsoft, then you might prefer the Microsoft Authenticator app. This should allow you to more easily link the data to your Microsoft work account.
- For larger organizations, you may want to check in with your IT team on how to set one up.
When activated, MFA applies to InnoApp as well as the desktop app.
Security and privacy considerations
Online security is a big deal these days. InnoVint is working hard to ensure this security for our users and our platform. Here are some things to keep in mind after you turn on Multi-Factor Authentication for your accounts:
- Keep your MFA devices secure. Treat your MFA-enabled device(s) as you would treat your password and keep them in a safe and secure place.
- Be cautious of phishing attempts. Avoid clicking on suspicious links or providing your MFA verification codes to untrusted sources.
Thank you for taking the steps to enhance your account security through Multi-Factor Authentication! Your commitment to protecting your account is greatly appreciated.
Step-by-step instructions
To opt in, set up and use Multi-Factor Authentication, please follow these steps:- Log in to your account using your username and password.
- Go to your user Account Settings page at the top righthand corner of the screen (via the person icon).
- In the Privacy & Security tab, click on the Set up button in Add Authenticator App.
- You'll need to scan the on-screen QR code with an Authenticator app on your phone. You may need to add a new account to your Authenticator app. Follow the steps on your app.
- The Authenticator app will then provide a six digit code for you to enter on screen.
- At this point, Multi-Factor Authentication will also provide you with an eight digit recovery code, i.e. 42941651. Store this code someplace safe; you will need it in case you lose your Authenticator device (i.e. your phone) in order to bypass MFA!!
- Your MFA is now enabled!
- The next time you login (within 30 days! find out about our session time-out limits here), you will again be prompted to enter a time limited 6-digit number after your password. Just access your Authenticator app and enter the code provided (no QR code scanning is required!)
You six digit code will refresh every 30 seconds. If the code changes on your authenticator app prior to hitting "Verify", then your authentication will fail.
Common issues and troubleshooting
- If you encounter any issues while setting up or using Multi-Factor Authentication, or if you have additional questions, please contact our support team. You can reach us via email at support@innovint.us or by submitting a help ticket though our online Support Center (use the "Submit a help ticket" link at the top right of the screen).
FAQ
Q: Can I disable MFA after enabling it?
A: You may want to discuss with your account admin in case this is a company policy. After confirming, then yes, you can control your own MFA setting and Authenticator app via your user profile page. Delete a previously setup app by using the three dot menu at the top right of the Authenticator app tile.
Q: I disabled MFA in my user account, but InnoVint is still asking me for MFA authentication!
A: Some accounts have an advanced security setting that can enforce your use of multi-factor authentication. If your organization domain (i.e. innovint.us) requires MFA, then even if you disable MFA in your own user settings, you will need to re-enable and setup an authenticator app in order to login to InnoVint. Please check with an administrator on your account if you have any questions.
Q: Do I have to use MFA on all my devices and platforms?
A: If you have MFA activated, you will be required to enter a verification code each time you sign in to the web app and InnoApp on an individual device (i.e. on your computer and on your phone).
Q: Help! I ran over my phone with the forklift and lost access to my Authenticator app!
If you do not have your authenticator app OR the recovery code, then our support team is capable of unenrolling a user from MFA directly. Contact us at support@innovint.us and we will explain next steps.