What is MFA?
Multi-Factor Authentication (MFA) is a simple best practice that adds an extra layer of protection on top of your username and password. When enabled, logging into MDA will require your username and password as well as an authentication code from your authenticator app.
Only the user role of Accounting Firm Admin will be able to activate MFA which is accessible through the security settings and it will only be available for internal user roles:
Once MFA is enabled, there will be two options - the Remember User Profile can either be ticked or left unticked.
If ticked, users will only be required to use MFA once every 30 days if they are using the same browser profile:
If left unticked, users will be required to use MFA at every login attempt:
How the user logs in once MFA is activated?
The user will input their username and password as usual and then the below screen will follow:
Scan the QR code with your preferred Authenticator application and enter the 6-digit code. Your device will then be paired and you will be logged in.
What happens if the user loses/upgrades their device?
The Accounting Firm Admin can go to the manage users and click the button highlighted below to reset the MFA device.
This will then prompt the user to go through the MFA activation process the next time they log in.