Account and Support

  1. Home
  2. Account and Support
  3. Create & Use Multi-Factor Authentication (MFA)

Create & Use Multi-Factor Authentication (MFA)

Multi-Factor Authentication (MFA) provides an additional layer of login security, as it requires those logging in to input an algorithmically random number sent to their phone or other device before being able to log in. 

To use MFA, you may be required to download a Time-limited One Time Password (TOTP) app.

These apps include:

  • Google Authenticator
  • Microsoft Authenticator
  • 1Password
  • and others

While it is recommended for all users to use MFA when able, it is particularly important for Site Administrators and those with publishing privileges.

1. When logged in, navigate to your Profile, the Security tab.

2. Select 'Enable Multi-Factor Authentication'

Review the important information about setting up MFA on the account, if you are unable to use the MFA once set up, if can result in significant delays in being granted access. 

Click Next.

3. With your device, open your authenticator app, and select scan QR code.

Use this to scan the QR code on your profile. 

4. To connect your authenticator app to your profile, input the 6-digit code displayed on your authenticator app associated with your Koordinates account 

Note: If you have multiple MFA accounts set up, make sure you are inputting the correct code.

Click Next.

Your account now has MFA enabled, however it is recommended that backup codes are generated in case you are unable to access the authenticator app.

5. Select the Generate Backup Codes

This will explain how and why backup codes are required, as well as advising if you currently have any backup codes avaialble. 

Click Get Codes

6. A list of auto-generated codes will be created. 

Print these codes and keep them somewhere safe. They will not be displayed again. If you lose your backup codes, please generate a new set.

7. Returning to your account page, there will be a notification advising MFA has been enabled.

Using MFA to log in

Once MFA is enabled, it's a good idea to logout and login to test and make sure the authentication process is working correctly.

1. At the login screen, enter your email address & password as usual, and Select Login

2. You will be prompted to use Multi-Factor Authentication.

You can choose to use either your authentication app and input the time-sensitive 6-digit code, or inputting one of your backup codes.

You will then be logged in as normal.

3. If a backup code is used, it will be unable to be used again, and the count of available backup codes will reduce by 1. 

Disabling MFA

Once MFA is enabled, it is recommended to not disable unless under specific circumstances, including:

  • changing phone or authenticating app
  • leaving role / handing account over to another user
  • due to technical problems

1. Navigate to the Security Tab of the Profile page

If MFA is enabled, this screen will appear.

2. Select Disable Multi-Factor Authentication 

3. You will need to confirm that you are sure you want to disable MFA.

4. Select Disable

MFA will be removed from your account.