Multi-Factor Authentication
About Multi-Factor Authentication (MFA)
MFA is an effective way to provide additional security to your Vega Platform accounts. Multi-Factor Authentication (MFA) is a security measure that requires users to verify their identity using both a password and an additional factor, like an Authenticator app. After entering their password, users must input a unique code generated by the Authenticator app on their phone, adding an extra layer of protection against unauthorized access.
MFA will NOT apply to users that login via Single Sign-On (SSO).
Select an MFA Client Application
MFA in the Vega Platform requires the use of Time-based One-time Passwords (TOTP) via an Authenticator app. Currently supported Authenticator Applications are:
- Microsoft Authenticator
- Google Authenticator
- FreeOTP
Enable MFA
- To enable MFA, navigate to the Multi-Factor Authentication section in Settings.
- Switch the "Authenticator" toggle to 'On'.
This will enable MFA across your organization account for all users (except SSO users).
Mobile Authenticator Setup for User Accounts
- After MFA is enabled, the platform will prompt each user to to setup their Mobile Authenticator on next login.
- Each user will need to complete the following steps in the dialog:
- Click the "Submit" button to finish MFA configuration.
- If successful, the user will be logged in, and MFA will now be enabled for the user account.
A One-time code will now need to be entered from a user's Mobile Authenticator for every login moving forward.
User Login with MFA
- After MFA is enabled, the user will have an additional prompt to enter their One-time code after completing the standard username/password login:
- The user will need to open the Mobile Authenticator on their device to find the One-time code:
Disable MFA
- To disable MFA, navigate to the Multi-Factor Authentication section in Settings.
- Switch the "Authenticator" toggle to 'Off'.
This will disable MFA across your organization account for all users. All users' Mobile Authenticator configurations will now be invalid and should be removed.
Re-Enable MFA
If MFA was previously active and has been re-enabled, all previous user Mobile Authenticator configurations will no longer be valid. Users need to delete the configuration from their Mobile Authenticator app. Users will again follow the setps in Mobile Authenticator Setup for User Accounts to configure MFA again.