MFA Login

After signing in with their credentials, which include the username and password, the user will need to undergo an additional layer of security if at least one Multi-Factor Authentication (MFA) method is configured on their account. This extra step ensures a higher level of protection for the user's account.

If the account has at least one MFA method configured, the system will prompt the user to select their preferred MFA method for the additional security check. This step is crucial for multifactor validation and enhances the security of the login process. These could include options such as receiving an OTP via an authenticator app, SMS, or email.

The visible buttons will be those that have been configured in the MFA settings; otherwise, they won't be shown.

After the user selects their desired Multi-Factor Authentication (MFA) method from the available options, the system initiates the process of sending or generating the One-Time Password (OTP) associated with that method.

  1. OTP Generation: Upon selecting the mode, the system immediately sends or generates an OTP through the chosen method. For example:

    • If the user chooses an authenticator app, the OTP will be generated within the app.

    • If SMS or email is selected, the OTP will be sent to the user's registered phone number or email address.

  2. Enter OTP: The user then receives the OTP and types it into the designated field on the authentication screen.

  3. Verification: After entering the OTP, the user clicks the "VERIFY" button to confirm their authentication attempt.

  4. Validation Process: The system verifies the entered OTP against the one generated or sent. If the OTP matches and is valid within the specified time frame, the authentication process proceeds.

  5. Access Granted: Upon successful verification, the user gains access to their account or the requested resource, confirming their identity through the Multi-Factor Authentication process.

As for the MFA Configuration process for the APP mode, there will be no countdown or "RESEND OTP" button because those are managed by the chosen authenticator app.

Last updated