...
If MFA is enforced by your administrators, you will be prompted with the MFA landing page on login if it is not already set up.
If MFA has not been enforced, but you would like to opt-in, you can get to this same page from when you edit your profile -→ Account settings > Manage Configure MFA.
From there:
- Click “Add Authenticator App”
- Use your preferred TOTP authentication app (we recommend Google or Microsoft Authenticator) to scan the QR code shown on the page.
- Use the newly set up account on your app to get a code and enter it into the box below the QR code. These codes are only valid for 30s. Your app should show you how long the code is still valid for. Any code entered after its 30s timer has expired will be invalid, and you will need to use the next one.
- Click finish, and then log in again with MFA. You will be prompted for a code, which is provided to you in your authenticator app, the same way we did in step 3.
...
Virsae’s MFA uses Time-based One-time Passwords (TOTP). You can use any app that supports this mechanism, but we recommend Microsoft Authenticator or Google Authenticator.
How do I log on, if I don't have access to my phone?
Log on using your recovery codes. You will have been provided recovery codes when setting up MFA the first time. If you no longer have access to recovery codes, create new recovery codes under your profile → Manage Multi Factor Authentication → Reset Recovery Codes.
...
They are not. Recovery codes are provided on first set up of MFA. After that, the app keys (QR code) and recovery codes are managed independently, and one can be reset with without affecting the other.
What if I lose my phone and Recovery Codes?
You will need to contact one of your administrators who can reset your authenticator app from the manage user’s page. If you have lost your recovery codes you should regenerate more, especially to invalidate the lost codes, in the case someone else may have access to them.
...