Multi-factor Authentication - MFA

Learn how to set up Multi-factor Authentication for your users

Updated on October 22nd, 2024

Multi-factor authentication (MFA) offers an additional level of security for your AroFlo site. It requires users to enter a code obtained from an authenticator app (typically on their phone or tablet) before they can log in.

Who needs to use MFA?

MFA is optional for all users, however, we recommend users with access to

are set up with Multi-factor authentication.

 
 

Authentication Apps

Google Authenticator

Download link

Download link
Download link

Download link
 
 
 

Microsoft Authenticator

Download link

Download link
Download link

Download link
 
 
 

Twilio Authy

Download link

Download link
Download link

Download link
 
 
 
 
 

 

Enable MFA

Permission Groups

  • Managers and those with permission can enable MFA on their own user card.
  • Site Administrators (who can view and edit other users) with the above permission can also enable or disable MFA for other users.

Custom permission groups

For custom permission groups, Site Administrators can control who can enable or disable MFA by going to Permission Groups > [Select permission group] > Users > Fields > MFA (Add / Remove to ticked).

 
 
 

MFA is enabled on a user card.

  1. In AroFlo Office, go to Site Administration > Users > Select User.
    Alternatively, go to Manage > Users > Select User.
  2. Under Multi-factor Authentication, click Enable.  

    If you're viewing your own user card, click Enable & Configure. You can also configure MFA as soon as it has been enabled.

     
  3. The Enable MFA Verification window will appear. Click Enable.

The user is now ready to configure MFA. If you have enabled MFA for another user, they will see the configuration window on next login. Refer to the steps below.

 

Configure MFA

Once a user has MFA enabled, that user will see the Configure MFA Verification window the next time they log in.

If you're enabling MFA for yourself, you will see this as soon as you enable MFA.

 
  1. If you don't already have an authenticator app on your device, download one.  

    Authenticator app options include Google AuthenticatorMicrosoft Authenticator or Twilio Authy.

     
  2. When you see the Configure MFA Verification window in AroFlo, Open your authenticator app.
  3. Add an account in the app. Scan the QR code shown to you in the Configure MFA Verification window.
  4. The authenticator app will then display a six-digit verification / password code.
  5. Enter the six-digit code into the Verification Code field.
  6. Click Verify & Continue. You will be logged in.

Optional: Tick Don't ask again for 30 days if you want the benefit of MFA without having to enter a code on each login.

 
 

 

Manage MFA

Once a user has MFA enabled and configured, it can be managed from their user card.

  1. In AroFlo Office, go to Site Administration > Users > Select User.
    Alternatively, go to Manage > Users > Select User.
  2. Under Multi-factor Authentication, click Manage. You will see the Manage MFA Verification window.

Disable MFA

  1. From the Manage MFA Verification window, click Disable.
  2. A window to confirm will appear. Click Disable.
 
 

Reset MFA

Reset MFA allows a user to configure MFA again.

Use this when a user loses access to a device that has the Authenticator App.

 
  1. From the Manage MFA Verification window, click Reset.
  2. Refer to 'Configure MFA' instructions above.
 
 

 

Using MFA

Once a user has enabled and configured MFA, the verification prompt will appear on Office login and Field login.

  1. Open the authentication app on your device.
  2. Locate the code displayed with your AroFlo account.
  3. Enter the code into the 'Verify Your Account' window.
  4. Click Verify.

Don't ask again for 30 days

A user can click the 30 day checkbox to gain the benefit of MFA without having to enter the verification code at every login.

 
 

Authenticator codes don’t work?

This can happen for a few reasons, including that time isn’t correctly synced on your Authenticator app. Look for settings such as 'Time correction' or 'Sync' in your chosen app.

Click the relevant Help link below.

Google Authenticator
Microsoft Authenticator
Twilio Authy