Multi-Factor Authentication

Background

Multi-factor Authentication (MFA) is a security enhancement that requires you to present two forms of evidence of identity in order to be able to log in. You will see the MFA page when you log in if it has been enabled for your organisation/account.

If you are an Account or Organisational Administrator, you can activate MFA for all or individual organisations that you are responsible for/have access to, by clicking MFA link on the User Menu.

MFA severely limits the ability of an unauthorised party to gain access to your account, even if one of the factors (e.g. your username/password) is compromised. SECTARA presently uses the Google Authenticator app for MFA.

In summary, and once you’re set up, the process simply requires you to copy a 6-digit code that the Google Authenticator app generates and enter it onto the SECTARA login page after you enter your username and password.

Setup Instructions

Follow these instructions to get set up with Google Authenticator:

1. Use your mobile device to download and install the app (Android / iPhone, iPad or iPod Touch). Make sure that you only download the official Google Authenticator app – look for the grey logo appearing above.
2. Open the app and click “Begin Setup”.
3. Click “Scan a barcode” and point your phone’s camera at the QR code that appears on the SECTARA login page (you usually need to allow Google Authenticator access to your camera to do this when prompted). If for any reason you cannot scan the QR code, click “Enter a provided key” or “Manual entry” (depending upon which version of the app you’ve downloaded) and type in the passcode that appears below the QR code on the SECTARA login page – you will also need to enter the email address that you use to log in to SECTARA to complete the registration/enrollment.
4. Once you have registered/enrolled with the Google Authenticator app you will not be required to scan the QR code again (for SECTARA). Each time you log in to SECTARA, you will simply need to enter the 6-digit number from the app as your OTP.
5. If you have any questions or are not able to log in using these instructions, first contact your Administrator if you know who it is – Account and Organisational Administrators can disable MFA, if necessary. Also, consider reviewing some of these sites for further background on the app and its use. YouTube also has a plethora of videos that will help get you set up:
   • https://www.techrepublic.com/blog/google-in-the-enterprise/use-google-authenticator-to-securely-login-to-non-google-sites/
   • https://www.androidguys.com/tips-tools/setting-up-google-authenticator-is-as-easy-as-scanning-a-qr-code/
   • https://mashable.com/2017/10/29/how-to-set-up-google-authenticator/
   • https://www.wired.com/story/two-factor-authentication-apps-authy-google-authenticator/
   • https://support.logmeininc.com/lastpass/help/google-authenticator-lp030015
6. If all else fails you can always submit a Support Request.