How to activate Multi-Factor Authentication (MFA) for your Staff Account
When an organisation has configured Multi-Factor Authentication (MFA) as 'Optional' in System Preferences, MFA can be activated by each Staff Member as required, via 'My Staff Account'. Once MFA has been configured as 'Enforced' in System Preferences, it is important to note that if MFA has not been activated prior to this (if this was configured to 'Optional' beforehand for example), you will be required to activate MFA upon next logging into SupportAbility.
It is important to note that in order to activate MFA, an Authenticator App is required, ideally with cloud backup enabled. If you are not sure which Authenticator App to use or how to enable cloud backup, please contact your organisation's IT support or the SupportAbility Authorised Representatives at your organisation for more information.
Once MFA has been activated by following the steps outlined in this article, you will be required to enter the MFA confirmation code from your Authenticator App following your username and password as an added layer of security when logging into SupportAbility. For more information regarding these next steps, please review the How to log in to SupportAbility once Multi-Factor Authentication (MFA) has been activated in your Staff Account article linked below in the Related Articles section.
This article steps through how to activate MFA for your Staff Account from 'My Staff Account' or when logging into SupportAbility once this has been set to Enforced.
Audience: All
Summary
The following list summarises the content within this article. Click on the links below to take you to the relevant sections:
- Activating MFA via My Staff Account
- Activating MFA upon logging into SupportAbility when MFA is Enforced for your organisation
- How to activate MFA
- Deactivating MFA
Activating MFA via My Staff Account
To activate MFA, navigate to 'My Staff Account' from the Dashboard:
By default, MFA is deactivated for all users:
Before activating MFA, you will need to have your organisation's preferred Authenticator App installed on your smartphone, ideally with the cloud backup feature enabled. If you are not sure which Authenticator App to use or how to enable cloud backup, please contact your organisation's IT support or the SupportAbility Authorised Representatives at your organisation for more information.
Select the 'Activate' button to begin:
You will need to confirm your password to proceed:
Enter your password then select 'OK' to continue on to activate MFA:
The 'Activate MFA' window will then open. If your organisation has configured MFA Activation Instructions in System Preferences, these are displayed on the left-hand side to assist guide you in this process:
The Scan QR Code and Confirm Code sections are displayed on the right-hand side:
If MFA Activation Instructions have not been configured, only the Scan QR Code and Confirm Code sections will be displayed:
To activate MFA, an Authenticator App is required to scan the QR code on the screen to link your SupportAbility account and start generating the required 6-digit code to log in. Please see the How to activate MFA section below for the next steps.
Activating MFA upon logging into SupportAbility when MFA is Enforced for your organisation
When MFA has been configured as Enforced for your organisation, MFA must be activated upon logging into SupportAbility:
Important - an Authenticator App is required to activate MFA. If you are not sure which Authenticator App to use or how to enable cloud backup, please contact your organisation's IT support or the SupportAbility Authorised Representatives at your organisation for more information.
Please follow the steps outlined below regarding how to activate MFA.
How to activate MFA
Regardless of where MFA is being activated from i.e. via My Staff Account or when logging into SupportAbility, the steps to complete this process are the same.
- To add your SupportAbility account to the Authenticator App, you need to either scan the QR code with your Authenticator App, or manually enter this code into your Authenticator App.
- Once your SupportAbility account has been added to your Authenticator App, to finalise the activation process, the 6-digit confirmation code generated by your Authenticator App must be entered into SupportAbility.
These steps have been outlined in detail below, noting that the Authenticator App used in this example is Last Pass. This part of the process may be slightly different based on the Authenticator App and smartphone you are using.
If you need any assistance at any stage regarding this, please contact your organisation's IT support or the SupportAbility Authorised Representatives at your organisation.
Scan the QR code with your Authenticator App
To add your SupportAbility account to your Authenticator App, open the app e.g. Last Pass:
Then add a new account by selecting the + icon. This opens a QR Code reader that can be used to scan the QR code appearing in the 'Activate MFA' window in SupportAbility:
This will link your SupportAbility account to the Authenticator App and start generating the required 6-digit code required to pass the MFA step and log in securely.
Unable to scan QR code?
If you are unable to scan the QR code to Activate MFA in your My Staff Account, there is an on to copy the QR Code manually by selecting this link:
Once selected, the text equivalent of the QR code is copied to your clipboard and a blue message appears with confirmation of this:
When attempting to add an account in your Authenticator App, a manual option will be available e.g. 'No QR Code?' in Last Pass:
Select this and then paste the copied code in order to add your SupportAbility account. It is important to note that this will be different for different Authenticator Apps, if using Last Pass Authenticator, for example, you will be prompted to enter the following information once 'No QR Code?' is selected in order to add a new account:
- Issuer - e.g. SupportAbility
- Account Name - e.g. Abel
- Secret Key - paste the copied text version of the QR code here
Enter the Confirmation Code from your Authenticator App to finalise the activation process
To finalise the activation process, the 6-digit code generated by your Authenticator App needs to be entered into the 'Confirm Code' field:
Note the confirmation code generated for your SupportAbility account e.g: 690862:
Enter this in the Confirmation Code field, then select OK to finalise the process:
N.B. If the wrong code is entered, a red message will appear to alert you to this. If you are experiencing any ongoing issues with this not being recognised after entering the incorrect code, try deleting the newly added SupportAbility account from the Authenticator App, and then adding it again as per the steps above. Following this, the Confirmation Code should be accepted allowing you to finalise the activation process.
Once MFA has been activated, your MFA Status will appear as such:
Now that MFA has been activated, when logging into SupportAbility, you will be required to enter the MFA confirmation code from your Authenticator App following your username and password as an added layer of security when logging into SupportAbility.
For more information regarding these next steps, please review the How to log in to SupportAbility once Multi-Factor Authentication (MFA) has been activated in your Staff Accountarticle linked below in the Related Articles section.
Deactivating MFA
Once activated, deactivating MFA should not be required and is only recommended if you need to activate MFA again in the instance when you have a new smartphone and you were unable to access your Authenticator App back up from the cloud.
We recommend contacting IT support at your organisation before doing so and it is important to note that if MFA is configured to be Enforced for your organisation, you will be required to activate MFA again when logging into SupportAbility.
If required, MFA can be Deactivated at any time by selecting 'Deactivate' next to MFA in My Staff Account:
A Staff Member with the 'Edit User Accounts' privilege can also deactivate MFA from the User Details tab of the Staff Member's Account if this was required:
