Multi-Factor Authentication (MFA) is an enhanced security system that verifies a user’s identity by requiring two or more forms of authentication. Rather than just asking for a username and password, MFA requires additional credentials, such as a code from the user’s smartphone.
MFA is an effective way to provide increased security. Usernames and passwords can be stolen, and they have become increasingly susceptible to brute force attacks. MFA creates multiple layers of security to help increase the confidence that the user requesting access is actually who they claim to be.
With MFA, even if an attacker manages to learn the user’s username and password, it is useless without also having possession of the additional authentication method. In OneStop Reporting, MFA works by requiring two authentication methods:
An authenticator app is usually installed on a smartphone and you scan a barcode or enter a key to create an account. After the account is created, the authenticator app generates a 6-8 digit passcode every 30 seconds. The passcode can, for example, be used for login as an extra authentication method in addition to a username and password.
The passcodes are generated from a secret code that is shared between the service you are using, such as OneStop Reporting, and your device, as well as the current time.
Google Authenticator app example
There are a variety of authenticator apps you can download to your phone from Google Play and the IOS App Store, but we recommend that you use Google Authenticator or Microsoft Authenticator, as those are the ones we have fully tested our MFA solution on.
For more information about installing and setting up an Authenticator app, see Install and set up Authenticator app
In OneStop Reporting, users can set up MFA from their user settings. In addition, administrators can enforce an MFA policy for all end users. See the user procedures below for more information:
You have now set up MFA for your OneStop Reporting user profile. The next time you sign in to OneStop Reporting portal, you must enter your username and password, and then enter a verification code from your authenticator app.
If you want to see a video on how to set up MFA on your account, click here.
If you do not have a verification code, click the Do not have a code? link to read more about the MFA setup.
Multi-Factor Authentication (MFA) policy is now enabled for this organization. All users must use MFA to sign into the underlying tenants and groups.
If your administrator has enabled a Multi-Factor Authentication (MFA) policy for your organization, you will receive a message:
Your organization’s security policy requires you to set up Multi-Factor Authentication (MFA) for your account.
You have now set up MFA for your OneStop Reporting user profile. The next time you sign in to OneStop Reporting portal, you must enter your username and password, and then enter a verification code from your authentication app.
If you do not have a verification code, click the Do not have a code? link to read more about the MFA setup.