Registering your MFA
Enabling Multi-Factor Authentication will mean that you may be asked to provide a code from an authenticator app when logging in to prove your identity.
In the Settings > User menu you will see that there is the option to add extra an extra layer of security to your account.
To turn this function on simply click the toggle, and you will be shown a process to configure your authenticator app.
Your authenticator app will give you the option to scan this QR code and will then show you a code to enter into this box.
When this is accepted it proves that the app is configured correctly. Next time you log in, you will be prompted for a new code.
We recommend using one of the following Mobile applications:
Apple iPhone
Android
We recommend the following Password Managers:
Removing MFA
If you want to register a different authenticator or just remove MFA entirely you will need to go back to the Security page in settings and enter the code again to disable your current configuration.
Resetting MFA
If you are unable to log in due to an issue with your MFA, you will need to talk to a user with Administrative access (who also has MFA set up) to reset this for you. If you are unsure who has this access, please contact us.
If you are an administrator and need to reset a user's MFA, you can do this via Settings>Users. Right-click on the user you need to reset MFA for and select 'Reset MFA' as below:
Warning: We highly recommend speaking with users either in person or over a secure phone line prior to resetting their MFA, to establish if the request is genuine. We advise not to reset a user's MFA over email requests alone.
If you would prefer your Admin users not to have this access, please contact us so we can amend your account for you.
Enforcing MFA
If you would like to enforce Multi-Factor Authentication across your Federation or Organisation, you can now do this via Settings.
Please Note: Only users with full Administrator permissions are able to amend this.
Enforcing MFA for your Organisation
To enforce the use of MFA for your Organisation, head to Settings>Organisation Menu>Users and then scroll down to ‘Preferences’
Toggle on ‘Enforce MFA’ as below:
Once enabled, any new or existing users who do not yet have MFA set up will be presented with the following screen when they log into the system:
Users that have MFA set up will have a green locked padlock icon next to their username, and users who have yet to set this up will have a red unlocked padlock icon:
Enforcing MFA for your Federation/Trust
To enforce the use of MFA for your Federation/Trust, head to Settings>Federation Menu>Users and then scroll down to ‘Preferences’
Toggle on ‘Enforce MFA’ as below:
Once enabled at federation level, the ability to turn off the enforcement on individual organisations will be greyed out:
Any new or existing users who do not yet have MFA set up will be presented with the following screen when they log into the system:
Users that have MFA set up will have a green locked padlock icon next to their username, and users who have yet to set this up will have a red unlocked padlock icon:
Restrictions
If you have SSO set up for Central Record within your Organisation/Federation, MFA will not be available to be used alongside this.