Multi-factor Authentication (MFA)

Multi-factor Authentication (MFA) adds an additional factor to your login process to greatly improve the security compared to just a passwod. We strongly recommend all user accounts are configured to use MFA.

Add MFA to Your Account

When you are logged in, click on your user icon in the top right of the browser window. Click on the Security item in the drop-down menu.

Select the tab for MFA and click on the Enable MFA button. A QR code and some instructions will be displayed.

Use your choice of MFA app or password manager (e.g. Google Authenticator, MS Authenticator, etc) and add a new credential in that app by scanning the password with your phone camera. If you don’t have a camera, copy and paste the secret key shown below the QR code.

Once you have created the new MFA credential in your own app, test it’s configured correctly by using a verification code and clicking on the Verify & Enable MFA button.

Important: Don’t forget to save the recovery codes to a safe place. You can use each of these codes once, if you lose your MFA device or app.

Using MFA

After your user account is configured to use MFA, each time you login you will be prompted to also enter the MFA code after you enter your email address and password.

If you have lost your MFA app, this is also where you can use one of your recovery codes.

Using Recovery Codes

If you do need to use a recovery code it works just like a generated MFA code during the login steps. Simply choose one of your unused codes and type it into the Verification Code field.

We recommend you reconfigure your MFA option again as soon as possible. By disabling MFA in Profile → Security → MFA you can then re-enable it and setup a new MFA secret which will generate new codes.

Each time you re-enable MFA on your account, new recovery codes will be created and any old codes will no longer be valid.