How to log in to SupportAbility once Multi-Factor Authentication (MFA) has been activated in your Staff Account
Once MFA has been activated by following the steps outlined in the How to activate Multi-Factor Authentication (MFA) for your Staff Account article, you will be required to enter the MFA confirmation code from your Authenticator App following your username and password as an added layer of security when logging into SupportAbility.
If you don't have access to your Authenticator App when logging into SupportAbility, you are able to request an Email Multi-Factor Authentication Code to be sent to your Staff Account Email Address.
This article provides information regarding how to log in to SupportAbility once Multi-Factor Authentication (MFA) has been activated in your Staff Account covering both of these steps i.e. via the Authenticator App and via the email fallback option, as well as how often an MFA code needs to be entered when logging in.
We have used the Last Pass Authenticator App to provide some example screenshots, however, how this appears will differ based on your organisation's chosen Authenticator App.
Audience: All
Summary
The following list summarises the content within this article. Click on the links below to take you to the relevant sections:
- Passing the Multi-Factor Authentication (MFA) log-in step
- How often do I need to enter an MFA code when logging in?
Passing the Multi-Factor Authentication (MFA) log-in step
When logging into SupportAbility outside of the MFA validity period, you will be required to pass an additional step to access SupportAbility. An MFA code will be required periodically ensuring you are logging into SupportAbility securely. The frequency of this requirement is dependent on how your organisation has configured MFA, as outlined below.
It is recommended to use the Authenticator App you used to activate MFA to generate an MFA code each time this is required in order to access SupportAbility, however, if you cannot access your Authenticator App, you can request an MFA code via email as a fallback option. Details regarding logging into SupportAbility have been outlined below.
MFA is required once you have entered your username and password:
MFA via Authenticator App - recommended
Following your username and password being entered, the MFA window will be displayed:
Open your Authenticator App e.g. Last Pass and view the 6-digit MFA code (time-based one-time passcode) for SupportAbility e.g: 219937
Enter this code in the 'Enter 6 digit MFA code' field e.g:
Once 'Submit' is selected, provided the correct code is entered, you will be able to access SupportAbility:
Incorrect code
If the correct code is not entered, you will see a red message regarding this:
This may occur due to a typo, or if the code entered has timed out in your Authenticator App. The code is usually only valid for a period of 30 seconds and is accompanied by a timer to show you how many seconds remain that this code is valid for e.g. 18 seconds:
If you have entered a code that is no longer valid, check your Authenticator App for the latest code and try again. If you are still unable to pass the MFA step successfully, you can either 'Request MFA code via email instead' or 'Return to the Login Page':
N.B. If you are having ongoing issues with the MFA code generated by your Authenticator App not being accepted, we recommend contacting your organisation's IT support as they may need to coordinate MFA being deactivated in your Staff Account, in order for you to activate this again using the Authenticator App.
Once this has been deactivated in your Staff Account, if MFA is configured to be Enforced for your organisation, you will be required to activate MFA again when next logging into SupportAbility.
MFA via Email - fallback option
If you cannot access your Authenticator App when MFA is required when logging into SupportAbility, there is an option to request an MFA code via email instead:
Once selected, you can request an email MFA code to be sent to your Staff Account Email Address:
A confirmation message will appear advising of the email address this has been sent to:
It is important to note that the MFA code sent to your email address is only valid for a period of 10 minutes from the time it was requested. When an MFA code is requested via email, an 8-digit code is provided to differentiate this from the 6-digit code generated by an Authenticator App.
Check your email and you should have received an email from SupportAbility e.g:
Open the email for more information:
Copy the Email MFA Code and paste or enter this into the Email MFA field in SupportAbility:
Once 'Submit' is selected, provided the correct code is entered, you will be able to access SupportAbility:
Didn't receive an email?
If you didn't receive an email, select this link:
Some more information regarding this is displayed, including the recommendation to check your spam folder before requesting a new code and that this might take up to five minutes, as well as the option to request a new Email MFA Code if necessary:
If you requested a new Email MFA Code and have still not received this, these emails may be being blocked inadvertently. Please contact your organisation's IT support if this occurs.
To log into SupportAbility, you will need to select 'Return to Authenticator App MFA' and utilise your Authenticator App to generate the required MFA code.
No Staff Account Email Address?
If an Email Address has not been configured in your Staff Account, a red message is displayed regarding this and you will not be able to utilise the Email MFA fallback option:
We recommend contacting your System Administrator to coordinate getting this set up for you.
To log into SupportAbility, you will need to select 'Return to Authenticator App MFA' and utilise your Authenticator App to generate the required MFA code.
How often do I need to enter an MFA code when logging in?
The frequency that an MFA code is required when logging into SupportAbility is dependent on how this has been configured for your organisation.
The MFA validity period is set to 7 days by default, however, providers can configure this to a period of their choosing:
- 24 hours
- 7 days - default
- 14 days
- 28 days
- 30 days
This means that you will need to enter an MFA code when logging in on each device or browser you use to access SupportAbility periodically based on this configuration. If you have any questions regarding this, please contact your organisation's IT support at your organisation for more information.
N.B. Please be aware that clearing the cookies on your browser will result in the need to log in to SupportAbility again and pass the MFA log-in step again, even if this occurred within the MFA validity period.