2024-01-31: Multifactor Authentication

Malicious access from outside sources is a recurring problem with systems that are accessed from the internet. We maintain our ISO 27001 and Cyber Essentials accreditations and constantly monitor best practices with password management, but we are constantly looking for ways to make your data more secure.

To keep your data as secure as possible, we are adding the ability to enable MFA (MultiFactor Authentication) on all Product User Accounts. Should you choose to enable this, you will use an Authenticator App on your phone to enter a randomly generated code after entering your password. This extra level of security minimises the risk of malicious attacks on your data.

Enabling MFA on Your Account

To enable MFA on your User account, navigate to the three dots at the top right of the screen and select "Edit Profile"

You will then see a button labelled "Enable MFA". Click this to begin configuration.

You will then be directed to a "Create MFA Token" button which will generate a QR code. Scan this to set up MFA with your authenticator of choice.

When MFA is Enabled

When MFA is enabled, there will be an extra security step at log-in that requires you to open your Authenticator app, and enter the correlating 6-digit number. After that, you will be logged in to the system as usual.

Monitoring MFA Usage

Admins can monitor who has MFA activated, and remove MFA if needed from the User List View.

If a User has MFA a green padlock will show next to their name on the list view:

To remove MFA, just select the "Remove MFA" button on the bottom right of the screen when editing the User.

Want to stay up to date on our releases? Just keep an eye on the notification bar at the top right of the screen when you log in. We will keep you up to date with new releases and features as they happen.

Alternatively, bookmark this link here for up-to-date release notes.