Introduction

Note: Multi-Factor Authentication (MFA) is a mandatory profile feature, and usually set up when creating your account.

If you want to use SMS as your authentication method, you’ll need to add a mobile number to your profile.

Enabling MFA For Your Account

When creating a new account, you will be prompted to set up MFA. When prompted, choose between using an authenticator app (ex: Google Authenticator, Microsoft Authenticator) or an SMS code when authenticating during future logins. Choose between using an authenticator app (ex: Google Authenticator, Microsoft Authenticator) or an SMS code when authenticating during future logins.

Using the Authenticator App for MFA

If you want to authenticate using an authenticator app, select Authenticator App and click Next.

A QR code will appear in the form. Using your preferred authenticator app, scan the QR code. You can also view the code as text and add it to the authenticator app manually. Once you see the authenticator app begin creating one-time passwords for your MDR Portal account, Click Next.

You’ll be taken to the final step, requiring you to provide the code generated by your authenticator app. Authenticator apps continuously create codes that expire every 30 seconds. Add the generated code before it expires and click Complete (If the initial code expires, simply repeat the process with a newly generated code).

An “Enabled” notification will appear at the top right of the page. The Multi-factor authentication toggle switch will be set to the “on” position and enabled for your account.

Using SMS for MFA

If you want to authenticate via SMS message when authenticating during future logins, select SMS and click Next.

A verification code will be sent to the mobile device associated with your profile. To use this method, you must have already added a mobile number to your account. After receiving the SMS message containing the authentication code, provide it in the form and click Complete.

An “Enabled” notification will appear at the top right of the page. The Multi-factor authentication will be shows as active on the Profile page. 

Remembering MFA on a Device

If you’re using a trusted device that you log in with frequently, you can have Field Effect remember the device for 60 days. If you choose this option, you won’t need to provide the MFA authentication code (SMS/App) for 60 days. On day 61, you’ll need to re-submit an authentication code. You can, however, choose to remember the device again.

This can be enabled when authenticating your device during a login. When asked to provide an authentication code, click the “Remember me on this device for 60 days” checkbox.

Revoking MFA Access Across Devices

If you have recently changed devices, or have remembered MFA across several devices, you can revoke the “trusted” MFA status on all devices associated with your account.

To do so, navigate to the Sign in & Security card on the Profile page, and click Revoke All in Trusted Devices section.

A confirmation window will appear on your screen. Click Confirm to revoke MFA on all devices. When logging back into the MDR Portal on any device, you’ll be asked to provide an MFA authentication code. You can still choose to remember devices when logging back in.

Clearing a User’s MFA Status

NOTE: You must be an admin to perform this task.

If one of your users has lost access to the device they enrolled for MFA with, you can clear the user’s MFA enrollment. This allows them to re-enroll with a new device.

Navigate to the User Management page (Administration section) and click the ellipses for the user you want to reset the status of. Once the ellipses menu is opened, click Clear user MFA.

The Clear MFA window will appear on your screen. After confirming you have selected the correct user, click Clear MFA.

You’ll be taken back to the User Management page and the user’s MFA status will be set to disabled, allowing them to re-enroll.