Multi-factor authentication (RSM users)
- Kelly Collins
You will have the ability to set this up for your own individual log in. If you have admin rights you will be able to set this as mandatory for all users against a client, and reset MFA for all users. Please go to multi-factor administration - RSM admin users for more information.
What is MFA?
How is it set up?
How do users log in for the first time?
What happens if I have changed/lost my device?
What is MFA?
MFA is a two-step process. You will log in to the client portal as normal, and then required to enter a one-time password. This password is generated by a mobile application authenticator. These can be downloaded via app stores, the most common ones are google authenticator and microsoft authenticator. When you go into your app, you will be given a one-time password (which is time sensitive) to enter into the client portal login screen. This adds an additional layer of security to your data and login details, based on a password that only you know, and a one-time password on a device that only you have.
How is it set up?
Firstly, make sure you have an authenticator app already downloaded on to your mobile device. Each individual user will need to have this on their own device.
Within the client portal, click on your name and go to settings. Within settings, click the dropdown authentication, select the option time-based one-time password. Scroll down and click save. This will now be active when you next log in to the portal.
How do users log in for the first time?
You will log in to the client portal with your username and password as normal. You will then be presented with a QR code, and a verification code box. Scan the QR code using the authenticator app you have downloaded. The app will then provide you with a one-time 6-digit verification code, enter the code in the box provided and click next. You will then be logged into the client portal.
After the initial login, you will no longer see the QR code. Simply enter your username and password you will then be prompted to enter your 6-digit verification code from your authenticator app, click next and you will be logged into the client portal.
What happens if I have changed/lost my device?
If you lose or change your mobile device, or have had to reinstall the authenticator application, you may need to have your MFA reset for the client portal. Please speak to a RSM admin user. Once reset, you will follow the steps as above as a first time user.