Multi-factor authentication 

MFA is an electronic authentication method in which a computer user is granted access to a website or application only after successfully presenting two or more pieces of evidence (or factors) to an authentication mechanism: knowledge (something the user and only the user knows), possession (something the user and only the user has), and inherence (something the user and only the user is). It protects the user from an unknown person trying to access their data, such as personal ID details or financial assets.

   Note: Please find the importance of MFA here.


Two-factor authentication (also known as 2FA) is a type, or subset, of multi-factor authentication. It is a method of confirming users' claimed identities by using a combination of two different factors: 1) something they know, 2) something they have, or 3) something they are. A third-party authenticator (TPA) app enables two-factor authentication, usually by showing a randomly-generated and constantly refreshing code which the user can use.

        

So, for two-factor authentication, the user goes through a two-step process to confirm their identity and access the WE platform.

  1. Something they know (password)

  2. Something they have (Mobile device with the authenticator app configured which would generate the OTP)


Authentication Apps 

WealthEngine has made it easy for you to use many different authenticators, up to 15 options.

This helps secure your application and access to your WealthEngine account. A new code is generated about every 30 seconds.


The following authenticators and OTP have all been verified by WealthEngine and are able to be used:


  • 1Password

  • Amazon

  • AngelList

  • App.net

  • Atlassian

  • AWS

  • Bitbucket

  • Coinbase

  • Duo

  • Facebook

  • GitHub

  • Google Authenticator

  • GuildWars

  • LastPass

  • Microsoft

  • Salesforce

  • Stripe


Prerequisites for MFA at WealthEngine:

  1. Users should have the MFA plan enabled to be able to use MFA.

  2. A third-party authenticator app must be installed on the mobile device.


Step 1: The user signs in to WE using their username and password.

Step 2: First-time MFA setup

Users with an MFA plan enabled are shown this screen after they sign in. Users should download or copy these codes and save them in a safe place.

What is a Recovery Code? A Recovery Code is used to recover the MFA account when the User does not have access to the device where MFA is configured, i.e., when the User is unable to generate the OTP.




Step 3:


Once the User confirms that the Recovery Codes have been saved by selecting the checkbox and clicking ‘Continue’, the User is taken to the MFA setup process.

  1. Open the Authenticator App and scan the QR code displayed.

  2. The Authenticator App displays a 6-digit code that refreshes every 30 seconds.

  3. Enter the 6-digit code from the Authenticator App in the input field to complete the MFA configuration.

  4. Once the code is verified, the User will be provided access to the WE platform.