Multi-factor authentication
About
Multi Factor Authentication (MFA) is a multi-step account login process that requires users to enter more information than just a password, further verifying users are who they say they are, and who they are logging in as.
Bricsys 24/7 implements MFA with the need to provide an extra security step through an authenticator app, such as Google Authenticator or Microsoft Authenticator.
When you have enabled MFA on your account, the login procedure will require you to enter the code generated by the authenticator app.
MFA may be required at a project level for all project users, but it is activated at a user level by a user.
Downloading an authenticator app
Authenticator apps generate a one-time code that you can use to sign in. These app providers will not have access to your Bricsys 24/7 password and account information.
- To download an app
-
- Open the app store of your phone.
- Search for ‘authenticator app’.
- Download an app from a trusted provider.Tip: Check that they have a recovery method if you cannot access your device.
- Open the app and follow the instructions.
Multi-factor authentication set up
We are using the QR code method for Authenticator app (MFA) set up. This requires that you set up MFA on one device (for example laptop/desktop or tablet), with an authenticator app on a second (mobile) device that has a camera.
- Go to the AUTHENTICATOR tab in your Profile, under Security settings.
- Scan the QR code with your Authenticator app to connect your account. To scan the code, the second (mobile) device must have a camera.Note: If the QR code gives an error in the mobile app, click the Not able to scan? button and the QR code will be regenerated.
- Type the one-time code received in your authenticator app.Note: The one-time code will change every 30 seconds.
- Optionally, enter your device name.
- Once ready, click Continue to finish the mobile authenticator configuration.
- If the configured authentication device needs to be changed, it can be deleted from Authenticator page. The page resets to the initial MFA set up page.
- If they want to change their email address.
- If they have MFA active and lose access to the device or app used for authentication.
Activate MFA requirement on a project
To activate multi-factor authentication for a project: go to Multi-factor authentication option.
and toggle On theThe following warning modal will be displayed to inform the customer admins (which includes the project owner) about the access modification of the specific project.
- I understand, switch on MFA
- Closes the modal and the changes will be made after pressing Save changes button.
If you do not have MFA set up, the following modal will be displayed:
Note: It is not possible to exit this modal.
After you log out and log in again, the one-time code will be required, and you will be able to access the project where you enabled the MFA.