Multi-factor Authentication (MFA) is an authentication method that requires the user to provide two or more verification factors to gain access to a resource such as an application, online account, or a VPN. MFA is a core component of a strong identity and access management (IAM) policy. Rather than just asking for a username and password, MFA requires one or more additional verification factors, which decreases the likelihood of a successful cyber attack.
This article contains the following:
How to turn on MFA for your account in GeoOp
MFA is required as part of integrating with Xero, but you can also turn it on for an extra layer of security for your business. In order to turn on MFA for your GeoOp account (and make it required for all users within that account) you will need Administration permissions.
You can find MFA by going to the settings cog in the navigation bar and then selecting 'Security' in the menu.
From here select the blue 'Make MFA Mandatory button'. This will immediately push you into the MFA set up process, and all of your users will be pushed into the MFA process the next time they sign in.
Note: Individual users can still optionally set up MFA if you don't make it mandatory by going to their own profile and selecting the security tab.
Top Tip:
If you have MFA enabled, we do not recommend re-allocating a staff that has left to a new staff member. This means updating their name and details from your ex-staff to your new staff. The new staff member will not be able to receive the MFA code.
Instead we recommend deactivating the old user and creating a new staff member. This will not cost you an additional licence.
How to set up MFA for yourself
Setting up MFA can be initiated in two ways
Your administrator has turned it on for your account, the next time you login you will be prompted for set up
By going to your profile and selecting the 'Security' tab
Once initiated you should see the MFA setup page that will ask you to choose where you would prefer to receive your login code for setup. You may choose either your Email Address or Phone Number.
Once you select where you would prefer to receive your two-factor authentication code, you will be brought to the following page where you will be required to enter your preferred email address or phone number.
Once you enter your email address or phone number, you will receive a 6 digit number via your preferred method. Please copy this number to enter on the next page.
On the next page, please enter the 6 digits code you received during the previous step.
Note: If you tick “Skip this step for future login” you will not be required to complete this process again until you log in with a new browser or a new device.
If you are having trouble receiving your MFA code, please contact support@geoop.com or head to our live chat.
How to manage the MFA destination of other users in your account
It is not possible to manage the MFA destination of other users in your account. If you have MFA enabled, we do not recommend re-allocating a staff member that has left to a new staff member. This means we do no recommend updating their name and details from an ex-staff member to a new staff member.
The new staff member will not be able to receive the MFA code as it will be sent to the MFA destination that was set up by the previous staff member.
Instead we recommend deactivating the old user and creating a new staff member. This will not cost you an additional licence.
If a staff member has changed their mobile or no longer has access to an email address for any specific reason, please reach out to our support team who will be able to assist with updating the MFA destination. Please note: this must be done by a user with administrator permissions.