Enhance Account Security with Multi-Factor Authentication (MFA)

We’ve launched Multi-Factor Authentication (MFA) for added account security. With this feature, users will receive a one-time password (OTP) via email or SMS, which they must enter after logging in. This ensures an extra layer of protection for both organizations and individual users who opt into it.

Here’s the deal:

You’ve just logged into your account after a long day, thinking you’re finally done with the grind. But then, you’re hit with another screen asking for an extra layer of verification. 

You thought the username and password were enough. 

But now you’re staring at a field asking for a one-time password (OTP) to proceed.

This isn’t just another inconvenience, it's a security feature designed to keep your data safe.

But here’s the kicker:

Multi-Factor Authentication (MFA) isn’t just for the “big companies” anymore. In fact, it has become the industry standard for protecting sensitive data. Now, we’ve made it easy for you to add that extra security to your account, with an optional or organization-wide requirement for MFA.

What’s New?

Introducing Multi-Factor Authentication (MFA), the second layer of security your account has been waiting for. With MFA, you can add a second layer of protection to your login process by requiring users to enter a unique one-time password (OTP) sent to their registered email or phone number.

• You can now enable MFA for your entire organization through the Institute settings.
• Admins and staff can also choose to enable MFA individually from their profile settings.

How It Works?

For Admin:
Step 1: Go to Members Management
From the left-side menu, click on Membership, Then select Members Management.

Step 2: Create a New User

• Click the Create User button.
• A form will appear to enter the new user’s details.

Step 3: Add Staff Details

• Fill in the required details like name, email ID, and password.
• Enable the “Staff” toggle to mark this user as staff.
  

Step 4: Enable Multi-Factor Authentication
Admins and staff can choose to activate MFA for their accounts directly from their profile settings.

For Entire Organization:
Enabling the "MFA for admin users" option at the institute level will apply multi-factor authentication to all admin users in your organization. This ensures an added layer of security by requiring admins to verify their identity via email or phone.

For Admin/Staff:
OTP Verification

• When Admin/Staff log in, they will receive a One-Time Password (OTP) via email/sms. 
• They will be directed to a dedicated verification page where they must enter the OTP. For security purposes, the OTP will expire after five minutes.

If the entered OTP is correct and valid within the time limit, the user will be redirected to the dashboard. Invalid or expired OTPs will result in an error message.

Why It Matters

Why should you care about this? Because it adds an extra layer of protection.

• Enhanced Security: One password is no longer enough. MFA ensures that even if a hacker has your login credentials, they won’t be able to get in without the second layer of protection, the OTP.
  
• Flexibility: Whether you want your entire organization to adopt MFA or prefer it to be optional for some users, you have the flexibility to control how it’s implemented.
  
• Quick Setup and Easy Use: Once enabled, the MFA process is simple and quick for users. After logging in, they’ll just need to enter their OTP and get right to work.
  
  The best part? You can monitor all MFA attempts, so you’ll always know who’s logging in and when.

FAQs

Ready to take your security to the next level?
Try out MFA today by navigating to your profile settings and opting in. You can also explore the Super Admin settings if you’re managing an organization-wide rollout. Stay safe, stay secure!

Have questions? Our team’s here to help—reach out to support.