Multi-factor Authentication or MFA, is a second layer of security that reduces the risk of unwanted access to your account. It requires a two-step identification process every time you login to your account.
Once MFA is setup, logging into your Partner Portal will require your username, password plus the second step of a temporary code or security questions.
To set up MFA you will need to download and install the Google Authenticator App on your mobile device.
To setup MFA:
- Download the Google Authenticator App through the Apple App Store or Google Play on your mobile device.
- In your partner portal, click on the ‘Admin Settings’ cog and choose ‘Security’ from the dropdown list.
- Select whether you would like to enable MFA for staff only, or staff and clients.
The portal will display a message that says it has been successfully enabled.
- A screen will open with a QR code to scan.
- Open the Google Authenticator App on your device and click ‘Begin setup’ in the app. If you are using the Google Authenticator app for the first time, you will need to click ‘Scan barcode’. If you have used the app before, you will just need to click the plus (+) sign at the top of the screen in the app.
- Scan the barcode with your mobile device. A number will appear in the Authenticator app with ‘your firm’ at the top and your login email address underneath.
- Enter the Authentication Code from your device into your portal in the setup MFA screen and click ‘Verify device’.
- Enter your security questions and answers and a recovery email address. Your recovery email address is used if you forget your login password. When you are ready, click “Finish”.
- And that’s it. Your account is now MFA enabled. Next time you login, you will go through a two-step process with the information that you supplied in the setup.
Note: Any additional users that are authorised to login to the account, but do not have access to the mobile device, can log in using the security questions. Instead of entering the authentication code, they simply click ‘Answer security questions instead’.