MFA

What is a secure profile?

A secure profile is a profile that does not rely solely on a login and a password.
This is why a user who has configured Multi-Factor Authentication (MFA) will be considered secure since additional information required from the user will be asked to login.

MFA means that besides requesting you to sign-in through your login and password, you will also be asked to provide a secret code you will get through other means like an Authenticator app, via email or SMS.

 

Why is securing your profile mandatory?

One of the main reasons is to prevent yourself from being a victim of a phishing campaign. A phishing campaign aims at retrieving your login and password through fake emails, SMS or a website that will mimic the communications or a product that you are used to.
Though, you can usually spot the fakes, they tend to be more and more accurate and it's easier and easier to fall in their traps.

But if you have secured your profile with MFA, they will not be able to log into your account even though they got your login and password since they will still be missing one key component: MFA.

Obviously, if you have a secured profile and you somehow divulged your login and password through a phishing campaign, you should still reset your password as a precaution. Better safe than sorry.

 

Configuration

You have three MFA methods at your disposal: 

  • Authenticator app
  • Email
  • SMS

Activating MFA with an Authenticator app

An authenticator app is an application that, once set up, will provide time-based codes to use for the different applications that you linked it to.

Here is a list of several Authenticator apps that you can use:

  • Google Authenticator
  • Microsoft Authenticator
  • Authy

To activate MFA with an Authenticator app, follow the steps below:

  1. Click the Setup MFA CTA.
  2. Choose App authentication
  3. A QR code is displayed;
    • You can either scan it with your Authenticator app or
    • You can display the secret key, copy it and add it inside your Authenticator app
  4. Copy the code that your Authenticator app provides
  5. Enter the code in the appropriate field and click Verify.

MFA is now active on your profile. You can download and save the backup codes that are generated for you.

 

Activating MFA with Email

To activate MFA with Email, follow the steps below:

  1. Click the Setup MFA CTA.
  2. Choose Email authentication
  3. A code is sent to the email address filled in your profile
  4. Enter the code in the appropriate field and click Verify.

MFA is now active on your profile. You can download and save the backup codes that are generated for you.

 

Activating MFA with SMS

To activate MFA with SMS, follow the steps below:

  1. Click the Setup MFA CTA.
  2. Choose SMS authentication
  3. Fill in your phone number.
    You will receive a code by SMS.
  4. Enter the code in the appropriate field and click Verify.

MFA is now active on your profile. You can download and save the backup codes that are generated for you.

 

Signing-in with MFA

Once the configuration is complete, when logging in to the AB Tasty platform, follow these steps:

  1. Sign-in like you are used to with an email and password, through SSO or via Google Sign-in
  2. Once done, you will be asked to enter an authentication code
  3. Depending on the MFA method you chose, you can either
    1. Get a code from your authenticator app
    2. Receive a code on your email address
    3. Receive a code on your phone via SMS
  4. Enter the 6-digit code in the relevant field
  5. Click Validate and you will be logged in

If you are not able to get a code on Step 3, then you can select the method "Backup code" and try and enter one of your backup codes so you can login.

Good to know
You can also check the Don’t ask me again for the next 2 weeks option if your device is fully secured and if you do not want to enter a code on this one specifically for the next 2 weeks.

Was this article helpful?

/