MFA Configuration
Last updated
Last updated
After successfully logging in, the user can navigate to the “Account” page by clicking on their Account Icon located in the top right corner of the platform's interface. From the dropdown menu that appears on the left, the user should select the voice "Security".
Once on the Security page, users are presented with various options to enhance and manage their account's security settings.
The user can manage Multi-Factor Authentication (MFA) settings from the dedicated MFA tab.
This section allows them to configure, enable, or modify their MFA options, providing an added layer of security to their account. By accessing these settings, users can select their preferred verification methods, such as generating and entering a One-Time Password (OTP) from a chosen provider.
Setting up the phone configuration within the security settings requires the input of a valid phone number.
The phone number should contain only numerical digits. Additionally, the characters "+" and "-" are also permitted, allowing for international dialing codes and proper formatting.
Setting up the email configuration within the security settings necessitates the input of a valid email address.
To ensure the email address is accepted by the system, it must follow standard email formatting rules.
Users can utilize an Authenticator app such as Google Authenticator or Microsoft Authenticator. These apps provide a convenient and secure way to generate One-Time Passwords (OTPs).
To set up the authenticator app with Xenioo, follow these steps:
Scan the QR Code: Within the security settings, locate the QR code provided for MFA setup. Open your desired authenticator app on your mobile device and use the app's scanning feature to scan the QR code.
Receive OTPs: Once the QR code is scanned successfully, the authenticator app will start generating OTPs specifically for your Xenioo account.
Validation: After setting up the authenticator app, you need to validate the integration to ensure everything is functioning correctly. Press the "SEND OTP FOR VALIDATION" button within the Xenioo platform.
Enter the OTP: Retrieve the OTP generated by the authenticator app and enter it in the designated field on the Xenioo platform.
Completing the last step successfully confirms that your authenticator app is correctly linked to your Xenioo account, allowing you to proceed with the enhanced security setup.
When validating the APP mode, the countdown for the OTP is not visible in the OTP validation window in Xenioo because the countdown is managed by the APP. Because of that, the button “RESEND OTP” is not present also because the OTP will be generated by the APP.
Each mode of Multi-Factor Authentication (MFA) must be validated before it can be used during the login process. This validation step ensures that the chosen authentication method is correctly set up and functional.
Validation is initiated by pressing the "SEND OTP FOR VALIDATION" button.
Here's how the process works:
Initiate Validation: After configuring an MFA mode (such as an authenticator app or phone number), the user must validate it by pressing the "SEND OTP FOR VALIDATION" button within the security settings.
Receive OTP: Upon pressing the button, the system will generate and send a One-Time Password (OTP) through the configured mode. For instance, if an authenticator app is used, the OTP will appear within the app. If a phone number is used, the OTP will be sent via SMS.
Enter OTP: A new dialog will pop up on the Xenioo platform, prompting the user to enter the received OTP. This dialog ensures that the user confirms receipt of the OTP and verifies their control over the configured mode.
Complete Validation: The user enters the OTP in the dialog box and submits it. If the OTP is correct, the validation is successful, and the MFA mode is activated for use during future logins.
The OTP is a 6-digit code, consisting of numbers only.
If the countdown reaches zero before the user has entered and validated the OTP, the system recognizes that the OTP has expired., the “VALIDATE OTP” button will automatically change to a “RESEND OTP” button. This ensures that users have another opportunity to obtain a valid OTP and complete the validation process.
When validating the APP mode, the countdown for the OTP is not visible in the OTP validation window in Xenioo because the countdown is managed by the APP. Because of that, the button “RESEND OTP” is not present also because the OTP will be generated by the APP.
When the OTP code is entered incorrectly or has expired, the system will provide feedback to inform the user of the issue. This ensures that the user is aware of the mistake and can take corrective action to complete the validation process.
When the OTP validation is completed successfully, the system provides clear visual and textual feedback to inform the user of the successful configuration of Multi-Factor Authentication (MFA).
The red text “TO BE VALIDATED” will change into a green one, indicating “VALIDATED”.
In addition to the visual change, the system will display a message informing the user that the MFA setting has been successfully saved. This message ensures the user understands that the validation process is complete and that their account is now protected by the enhanced security measure.
