MFA Configuration

After successfully logging in, the user can navigate to the “Account” page by clicking on their Account Icon located in the top right corner of the platform's interface. From the dropdown menu that appears on the left, the user should select the voice "Security".

Once on the Security page, users are presented with various options to enhance and manage their account's security settings. Here, they can change their password by following the prompts in the corresponding tab, ensuring their account remains protected with a strong and updated password.

Additionally, the user can manage Multi-Factor Authentication (MFA) settings from the dedicated MFA tab. This section allows them to configure, enable, or modify their MFA options, providing an added layer of security to their account. By accessing these settings, users can select their preferred verification methods, such as generating and entering a One-Time Password (OTP) from a chosen provider, thereby tailoring the security measures to their specific needs and preferences.

Phone

Setting up the phone configuration within the security settings requires the input of a valid phone number. This phone number is crucial for enabling certain security features, such as receiving One-Time Passwords (OTPs) for Multi-Factor Authentication (MFA).

The format for the phone number is specific and must adhere to certain guidelines to be accepted by the system. The phone number should contain only numerical digits. Additionally, the characters "+" and "-" are also permitted, allowing for international dialing codes and proper formatting. This ensures that the phone number is correctly formatted for both domestic and international users, facilitating smooth and reliable communication for security verifications.

By ensuring the phone number is entered correctly, users can effectively utilize phone-based security features, thereby enhancing the overall protection of their account.

Email

Setting up the email configuration within the security settings necessitates the input of a valid email address. This email address is essential for enabling various security features, such as receiving account notifications, password reset links, and Multi-Factor Authentication (MFA) codes.

To ensure the email address is accepted by the system, it must follow standard email formatting rules. This includes having a valid local part (the portion before the "@" symbol) and a domain part (the portion after the "@" symbol), with appropriate characters and structure. A properly formatted email address ensures that users can reliably receive important communications and security codes, which are vital for maintaining account security.

By entering a valid email address, users can take full advantage of email-based security features, thereby enhancing the overall protection and management of their account.

App

To enhance account security through Multi-Factor Authentication (MFA), users can utilize an Authenticator app such as Google Authenticator or Microsoft Authenticator. These apps provide a convenient and secure way to generate One-Time Passwords (OTPs).

To set up the authenticator app with Xenioo, follow these steps:

  1. Scan the QR Code: Within the security settings, locate the QR code provided for MFA setup. Open your desired authenticator app on your mobile device and use the app's scanning feature to scan the QR code. This action binds the authenticator app to your Xenioo account, enabling it to generate the necessary OTPs.

  2. Receive OTPs: Once the QR code is scanned successfully, the authenticator app will start generating OTPs specifically for your Xenioo account. These OTPs are typically valid for a short duration and refresh periodically, ensuring a high level of security.

  3. Validation: After setting up the authenticator app, you need to validate the integration to ensure everything is functioning correctly. Press the "SEND OTP FOR VALIDATION" button within the Xenioo platform. This action prompts the system to send a validation OTP to your authenticator app.

  4. Enter the OTP: Retrieve the OTP generated by the authenticator app and enter it in the designated field on the Xenioo platform. Completing this step successfully confirms that your authenticator app is correctly linked to your Xenioo account, allowing you to proceed with the enhanced security setup.

When validating the APP mode, the countdown for the OTP is not visible in the OTP validation window in Xenioo because the countdown is managed by the APP. Because of that, the button “RESEND OTP” is not present also because the OTP will be generated by the APP.

OTP Validation

Each mode of Multi-Factor Authentication (MFA) must be validated before it can be used during the login process. This validation step ensures that the chosen authentication method is correctly set up and functional.

Validation is initiated by pressing the "SEND OTP FOR VALIDATION" button. Here's how the process works:

  1. Initiate Validation: After configuring an MFA mode (such as an authenticator app or phone number), the user must validate it by pressing the "SEND OTP FOR VALIDATION" button within the security settings.

  2. Receive OTP: Upon pressing the button, the system will generate and send a One-Time Password (OTP) through the configured mode. For instance, if an authenticator app is used, the OTP will appear within the app. If a phone number is used, the OTP will be sent via SMS.

  3. Enter OTP: A new dialog will pop up on the Xenioo platform, prompting the user to enter the received OTP. This dialog ensures that the user confirms receipt of the OTP and verifies their control over the configured mode.

  4. Complete Validation: The user enters the OTP in the dialog box and submits it. If the OTP is correct, the validation is successful, and the MFA mode is activated for use during future logins.

The OTP is a 6-digit code, consisting of numbers only.

If the countdown reaches zero before the user has entered and validated the OTP, the system recognizes that the OTP has expired., the “VALIDATE OTP” button will automatically change to a “RESEND OTP” button. This ensures that users have another opportunity to obtain a valid OTP and complete the validation process.

When validating the APP mode, the countdown for the OTP is not visible in the OTP validation window in Xenioo because the countdown is managed by the APP. Because of that, the button “RESEND OTP” is not present also because the OTP will be generated by the APP.

When the OTP code is entered incorrectly or has expired, the system will provide feedback to inform the user of the issue. This ensures that the user is aware of the mistake and can take corrective action to complete the validation process.

When the OTP validation is completed successfully, the system provides clear visual and textual feedback to inform the user of the successful configuration of Multi-Factor Authentication (MFA).

The red text “TO BE VALIDATED” will change into a green one, indicating “VALIDATED”.

This color change provides a quick and clear visual confirmation that the MFA setting is now active and properly configured.

In addition to the visual change, the system will display a message informing the user that the MFA setting has been successfully saved. This message ensures the user understands that the validation process is complete and that their account is now protected by the enhanced security measure.

Last updated