|
Multi-factor authentication (MFA) offers an additional level of security for your AroFlo site. It requires users to enter a code obtained from an authenticator app (typically on their phone or tablet) before they can log in.
Who needs to use MFA? MFA is optional for all users. In the future it will be compulsory for users with access to Xero via the AroFlo Integration menu. |
 |
Authentication Apps
| Google Authenticator | Microsoft Authenticator | Twilio Authy | |
|---|---|---|---|
 |
 |
 |
|
 |
Download link | Download link | Download link |
 |
Download link | Download link | Download link |
Enable MFA
Permission Groups
- Managers and those with permission can enable MFA on their own user card.
- Site Administrators (who can view and edit other users) with the above permission can also enable or disable MFA for other users.
Custom permission groups
For custom permission groups, Site Administrators can control who can enable or disable MFA by going to Permission Groups > [Select permission group] > Users > Fields > MFA (Add / Remove to ticked).
MFA is enabled on a user card.
- In AroFlo Office, go to Site Administration > Users > Select User.
Alternatively, go to Manage > Users > Select User. - Under Multi-factor Authentication, click Enable.
If you're viewing your own user card, click Enable & Configure. You can also configure MFA as soon as it has been enabled.
- The Enable MFA Verification window will appear. Click Enable.
The user is now ready to configure MFA. If you have enabled MFA for another user, they will see the configuration window on next login. Refer to the steps below.
Configure MFA
|
Once a user has MFA enabled, that user will see the Configure MFA Verification window the next time they log in. If you're enabling MFA for yourself, you will see this as soon as you enable MFA.
Optional: Tick Don't ask again for 30 days if you want the benefit of MFA without having to enter a code on each login. |
 |
Manage MFA
Once a user has MFA enabled and configured, it can be managed from their user card.
- In AroFlo Office, go to Site Administration > Users > Select User.
Alternatively, go to Manage > Users > Select User. - Under Multi-factor Authentication, click Manage. You will see the Manage MFA Verification window.
Disable MFA
- From the Manage MFA Verification window, click Disable.
- A window to confirm will appear. Click Disable.
Reset MFA
Reset MFA allows a user to configure MFA again.
Use this when a user loses access to a device that has the Authenticator App.
- From the Manage MFA Verification window, click Reset.
- Refer to 'Configure MFA' instructions above.
Using MFA
Once a user has enabled and configured MFA, the verification prompt will appear on Office login and Field login.
Don't ask again for 30 days A user can click the 30 day checkbox to gain the benefit of MFA without having to enter the verification code at every login. |
|
Authenticator codes don’t work?
This can happen for a few reasons, including that time isn’t correctly synced on your Authenticator app. Look for settings such as 'Time correction' or 'Sync' in your chosen app.