What Is Multi-Factor Authentication?

Multi-Factor Authentication (MFA) is a security system that requires users to provide multiple forms of verification to gain access to an online account. It typically involves two or more of the following factors:

1. Something you know: A password or PIN
2. Something you have: A physical device, like a smartphone or a one-time SMS or email code
3. Something you are: Biometric verification, such as a fingerprint or facial recognition

By combining these different types of factors, MFA significantly enhances security compared to single-factor authentication, making it much harder for unauthorized users to gain access, even if they obtain one of the factors. 

Whether your organization operates on a large scale with significant amounts of transactions or as a small nonprofit, MFA offers the robust security necessary to protect sensitive data.

How Multi-Factor Authentication Works

When you enable MFA, the Aplos login screen will give you the option to send a verification code to the communication method(s) you configure (authenticator, email, text message, or any combination of these).

On the login screen, you will see the authentication code options you have enabled. If you have enabled an email and an SMS (text message) option, you will be able to select either email or SMS to verify your identity from the login screen. If you only have one method enabled, that option will be selected for you.

How to Edit Multi-Factor Authentication (MFA)

To edit your MFA configuration in Aplos, navigate to the My Profile screen by hovering over the person icon and selecting "My Profile."

From the My Profile Screen, select "Multi-Factor Configuration."

Select the green “+ Add Multi-Factor” button.

When you enable the Multi-Factor option, you will have three methods of multi-factor authentication to choose from: authenticator, email, and SMS (text message). You can enable one or multiple.

Authenticator Method:

If you choose the Authenticator option, it will display a QR code for you to scan from your authenticator app. Once added, you can enter in the code displayed in your authenticator app to enable this method. If you do not want to scan the QR code, as a secondary option, you can enter in the code provided as a new key in your authenticator app.

Once you click enable that's it! You now have MFA set up with the authenticator app method!

Email or SMS method:

If you choose the email and/or SMS option, it will populate a box to enter in your email/phone number.

Make sure your contact information is correct. Then click the "Send a one-time code" button. You’ll receive a code via the method you chose.

When you receive the code, enter it in the “Verification Code” field and click the green “Enable” button.

Once you’ve clicked “Enable,” you’ll see a final screen that shows you recovery codes. These recovery codes can be used to complete a two-factor login or disable two-factor authentication if you misplace or replace your device. Be sure to record these codes somewhere safe since they will not be shown again.

When you’ve recorded these codes, click the green “Done” button.

You’ll see any Multi-Factor Authentication options that are currently enabled on the Multi-Factor Configuration screen. You have the option to add all authentication methods. To add an additional method, select the green "+ Add Multi-Factor" button and repeat the process above.

Please note that you can add each method with more than one email/phone number/authenticator app.

Troubleshooting MFA login

Not sure where your code will be sent?

• Email: If you set up your MFA method for email, it will specify the first few characters and the domain of the email it was sent to (see below for example)
  
  
  
  
• SMS: If you set up your MFA method for text messaging, it will specify the last for digits of the phone number the text code was sent to (see below for example)
  
  
  
  
• Authenticator App: If you set up MFA through an authenticator app, it will just say "enter the authentication code".
  
  
  
  
  • • If you do not have an authenticator app downloaded and you have an iPhone, check your "passwords" app (pictured below) and you will most likely find your code there.
      
      

If you are still having trouble getting past the MFA login please reach out to our customer care team and we would be happy to help!