- What is multi-factor authentication?
- How does it work?
- Example MFA - Email OTP
- Alternative Authenticators
- MFA Options
What is multi-factor authentication?
Multi-factor authentication (MFA) is a way of verifying users that requires more than one step to complete. Users can’t log in with just their username and password: an additional “factor” is required, such as a code sent via SMS or obtained from an Authenticator app. This ensures users are strongly authenticated and prevents bad actors from accessing an account even if they have acquired the username and password.
How does it work?
- Log in to practice admin as usual.
- You will be prompted to complete multi-factor authentication.
- If this is your first time logging in, you will receive a verification code via email.
- Copy the code from the email and paste it into the authenticator.
- For enhanced security, you will have the option to set up additional authentication methods after your first login.
Example MFA - Email OTP
Email OTP is the default MFA if you haven’t enrolled in other MFA methods.
Step 1: Log in as normal to practice admin
Step 2: Authenticator Screen
After successfully logging in you will be presented with the following MFA screen.
Step 3: Check your email for Authentication Code
Check the email used to log in to your practice admin account for the Authentication Code.
Step 4: Enter the Authentication Code
Enter the Authentication code to complete your MFA login to practice admin.
Alternative Authenticators
You can enrol in different authenticators for your account in Practice Admin by navigating to Account, then Authenticators.
Once you are in here, select 'Set up Authenticators':
Enter the OTP sent to your email when prompted, then select your chosen authentication method.
Please note: If your email has been temporarily whitelisted, you do not need to retrieve a code here.
In this example, we are setting up an authenticator app. If you don't yet have the app installed on your mobile phone, click into one of the options shown below in your Practice Admin and you'll be able to scan a QR code and download to your device:
Once you have downloaded & logged into the app, get it ready to add a new account via scanning a QR code, and click 'Continue' in your Practice Admin.
You'll then be able to scan the QR code shown with your authenticator app, and you'll need to enter the 6-digit code given to you here. Upon success, you'll see the below message:
MFA Options
Email OTP
Email OTP stands for Email One-Time Password. It's a security measure where a unique, time-sensitive code is sent to your registered email address to verify your identity. This is the default authenticator if you have no others enrolled.
Authenticator app authentication
Authenticator apps are installed on your device and generate codes which are valid for a limited time and which can be entered as the additional factor. Examples of popular authenticator apps include Google Authenticator, Microsoft Authenticator and Authy (from Twilio).
Passkey authentication (Recommended)
Passkeys are a replacement for passwords. A password is something that can be remembered and typed, and a passkey is a secret stored on your device, unlocked with a biometric sensor (such as a fingerprint or facial recognition), PIN, or pattern, freeing you from having to remember and manage passwords.
Security key authentication
A security key can take many forms. These can include biometrics like a fingerprint, iris or voice. Common implementations of these are found on your device like FaceID or Windows Hello. Another option is to use a physical security key device, like a YubiKey, that can be used over USB or NFC.
The technology that enables authentication through security keys is called WebAuthn and works on all modern browsers. For more information, visit WebAuthn.