Setting Up and Using Multi-factor Authentication (MFA)
Multi-factor authentication (MFA) is a security measure that requires users to enter a dynamically generated six-digit verification code in addition to their username and password when logging in. This six-digit code is generated by a piece of authentication software, such as Google Authenticator.
Why use multi-factor authentication?
Passwords alone are not a very secure form of account protection. If your account is secured by password alone, anyone who gains access to your email account could gain access to other accounts, such as your DISCO account, by requesting and intercepting a password reset link.
With MFA enabled, even if a hacker has your password they won't be able to log in unless they also have the device you have your authenticator app installed on.
Enabling multi-factor authentication on your account
At the moment, MFA can be enabled by request.
Setting up multi-factor authentication
When MFA is activated for your business, all users will see the following prompt the next time they log in to their DISCO account:
- Install Google Authenticator on your Android or iOS mobile device. The Android app can be found in the Google Play Store and the iOS app can be found in the App Store.
- Open Google Authenticator.
- Tap the red plus sign icon on the bottom right of your screen.
- Tap Scan a barcode. This should open up your camera in barcode scanning mode.
- Hold your phone up to your computer screen, with the QR code centered in your camera app.
- Enter the six-digit code listed in your Authenticator app into the Code field in DISCO. Make sure to do this before a new code is generated.
Resetting MFA if you've lost your phone or bought a new one
If you no longer have access to the device you set up MFA with or you need to set up a new device, your MFA credentials must be reset.
For security purposes, you will need to contact our support team at firstname.lastname@example.org.
We will require verification from one of the administrators on your account, so to expedite matters it's helpful to CC one of your DISCO's administrators on the email.
To find out who your account administrators are, head to the My Team page in your settings.
If you are an administrator, we will require verification from another administrator.
If you are the only administrator on your DISCO, we will use other means to verify your request.
MFA Frequently Asked Questions
Q: Do I have to use Google Authenticator? Can I use another app?
A: Our MFA system is compatible with other authenticator apps, such as Okta Verify, Authy, Lastpass, and Microsoft Authenticator. We suggest checking with your IT team to see what they recommend.
Q: I have Google Authenticator set up, but DISCO refuses to take my code.
A: Each code is only valid for about 30 seconds. Make sure to enter the code quickly, before a new code is generated. If you continue to have problems, please contact Support.
Q: What if I'm a member of more than one DISCO?
A: Provided you are using the same email account to login, you can use the same MFA codes for any DISCO you are a member of. Note that you will only be prompted for an MFA code on the DISCO's that have the MFA requirement enabled.
Q: MFA is enabled on our DISCO, but I'm using DISCO and it hasn't prompted me to set it up yet.
A: To prevent disruption in your workflow, you will be prompted to set up MFA the first time you log in after it has been enabled on your DISCO. If you'd like to set it up immediately, please log out andlog back in.