...
Section | |||||
---|---|---|---|---|---|
Why Use MFA?
|
Administrators: How to enforce MFA for your users
- Tick the “Enable Multi-Factor Authentication” box on your Manage Customer/BP page. This will require all users to set up MFA on their next sign-in. Important Note: With this enabled, users will not be able to do anything after login until they set up MFA. If you want users to use MFA at their discretion, they can do so from their edit profile page.
- Identify users that you want excluded from this policy and select “Exclude from Multi-Factor Authentication” on their profile page. Note: users with this setting enabled are excluded from enforced They can still opt-in if they choose to do so.
Administrators: How to manage access if user has lost their phone, or replaced their phone
A user can manage their multi-factor authentication options under their profile, this includes:
- Resetting recovery codes
- Reinstalling the app, and re-configuring
- Disabling MFA (if not enforced by the administrator)
As an administrator it is also possible to reset their Multi-Factor configuration set up, on the Manage Users page, along-side reset password.
Setting up MFA for the first time
...
Virsae’s MFA uses Time-based One-time Passwords (TOTP). You can use any app that supports this mechanism, but we recommend Microsoft Authenticator or Google Authenticator.
How do I log on, if don't have access to my phone?
Log on using your recovery codes. You will have been provided recovery codes when setting up MFA the first time. If you no longer have access to recovery codes, create new recovery codes under your profile → Manage Multi Factor Authentication → Reset Recovery Codes.
If you do not have access to your recovery codes, and are not logged on, contact your VSM administrator.
How do I log on, if I get a new phone?
Reset Multi Factor Authentication, under your profile if you are logged on, or contact your VSM administrator, if you are unable to log on
What is an Authenticator Key?
...