How does two factor authentication work in getregistered?

When you are logging in to getregistered, you may be prompted to use either MFA (multi-factor authentication) or 2FA (two-factor authentication) to access your organization. This option is managed by getregistered on request of the organization owner, and when enabled, you may be prompted with the following:

MFA enabled

Where MFA has been enabled for your organization in getregistered, following login or account creation, you will see the following screen displayed:

You will automatically receive a 6 digit code, which is sent to the email address associated with your getregistered account. Simply enter the 6 digit code into the Verification Code text box to verify, and you will be immediately logged in to getregistered. If you do not receive your verification code, click the 'Resend Code' option to receive a new code - all codes have an expiry time of 10 minutes.

Depending on your organization's MFA configuration, you may have 'Trusted Browser' functionality enabled. If enabled, this means that following your first login using MFA, you will not be prompted again to verify via MFA for a specific time period, which is detailed in your 'Security Settings' page. To access your Security Settings page, go to 'My Account' (by clicking on your user icon at the top right of the page and selecting 'My Account'. Here you will see the 'Security Settings' button displayed to the left of the page:

Click on this and you will be taken to the 'Security Settings' page:

In your Security Settings, you have the ability to enable 2FA if desired, and also view/manage your trusted browser settings. Any active trusted browser sessions will show the browser, OS and expiry time for the session. If you wish to revoke any trusted browser session, click on the 'Revoke' option - following this, you will be prompted to provide an MFA code on your next login using this browser.

Please note that where MFA has been enabled for an organization, this is a mandatory flow for logging in and can only be completely disabled by getregistered on request from the organization owner.

2FA Enabled

Where 2FA has been enabled for your organization in getregistered, following login or account creation, you will see the following screen displayed:

If your organization allows a 'grace period' for enabling 2FA (as demonstrated in the screenshot above), you will be able to bypass 2FA enrollment for a specific time period, but once that time period is reached, you must enrol.

To begin enrolling in 2FA, scan the QR code displayed using your preferred authenticator app. Once scanned, enter the 6 digit code displayed on your app into the field provided and submit.

You will then see the following page:

The codes displayed here will assist you with logging into your account if you have issues with accessing/interacting with your preferred authenticator app. You have the option to download these recovery codes as a text file or copy and paste them somewhere secure - we would advise that you capture these codes somewhere safe to avoid any issues when accessing getregistered in the future! When you are ready to proceed, click on the 'Continue to Dashboard' button, and you will be logged in to getregistered.

When you next need to login to getregistered, you will see the following page displayed after entering your email and password:

Simply enter the code from your authenticator app to proceed, and you will then be logged in to getregistered.

Depending on your organization's MFA configuration, you may have 'Trusted Browser' functionality enabled. If enabled, this means that following your first login using MFA, you will not be prompted again to verify via MFA for a specific time period, which is detailed in your 'Security Settings' page. To access your Security Settings page, go to 'My Account' (by clicking on your user icon at the top right of the page and selecting 'My Account'. Here you will see the 'Security Settings' button displayed to the left of the page:

Click on this and you will be taken to the 'Security Settings' page:

In your Security Settings, you have the ability to disable 2FA if required (eg if you need to reset your current 2FA setup due to not being able to authenticate), view your recovery codes and also view/manage your trusted browser settings. Any active trusted browser sessions will show the browser, OS and expiry time for the session. If you wish to revoke any trusted browser session, click on the 'Revoke' option - following this, you will be prompted to provide an MFA code on your next login using this browser. If the Trusted Browser area is empty, this means that your organization does not allow for Trusted Browser sessions, meaning that you will need to login using 2FA every time you wish to access getregistered.

Please note that where 2FA has been enabled for an organization, this is a mandatory flow for logging in and can only be completely disabled by getregistered on request from the organization owner.