Enabling Multifactor Authentication (MFA)

 

Total Estimated time: Less than 5 minutes

The purpose of this document is to provide set up instructions for enabling MFA with Lifecycle Insights.  Before getting started, please note these key facts below regarding MFA and Lifecycle Insights.

  • If a user enables MFA, upon entering a valid username and password, the user will be challenged to complete authentication using a time-based one-time (TOTP) password.
  • The TOTP password is delivered using an Authenticator application.  As of this time, Lifecycle Insights has been verified to work with these industry leading Authenticator applications:
    1. Microsoft Authenticator
    2. Google Authenticator
    3. Authy
  • Site Administrators cannot force the user to use MFA, however they can at any time … view which users have MFA enabled in User Manager

 

How to Enable MFA (Any User)

 

  1. After logging in, the user should click on their name in the upper right hand corner, and then click Profile.

Profile link selected

 

 

 

  1. In the User Profile page, move the slider to Enable MFA

enable MFA switch

  1. After you have Enabled MFA, a QR code will display.  Scan that QR code with your phone.  Note, some Authenticator Apps tie directly into your phone's camera.  All of the supported authenticators allow you tp scan a QR code when adding an account.

 

  1. Once you scan the barcode, you follow the instructions (if any) to add Lifecycle Insights as an account within the Authenticator application.   In the Authenticator app, you will see a 6 digit code – enter that code into the User Profile screen and click Confirm.

 

Phone

  

authenticator app

 

LCI Profile

  

example of QR code

Logging in With MFA Enabled

 

  1. Go to Lifecycle Insights as you normally would (https://master.lifecycleinsights.io/)
  2. Enter your username and password, and click Submit
  3. You will be directed to confirm your login

MFA modal

  1. Go into your Authenticator app / Lifecycle Insights account to find your 6 digit code.  Enter that 6 digit code and click Submit.

 

**Note, the 6 digit code (TOTP) will only last for 30 seconds.  Ensure that you enter and click Submit prior to it expiring.  If it does expire, simply enter the next code that is generated.

 

 

Checking User MFA Status (Site Admins Only)

 

As a Site Admin, you can view if your users have enabled MFA in the User Manager Page.  To view this, click on Account Settings, then User Manager.

Menu with account settings highlighted and user manager highlighted

 

In the User Manager report, you can view the last column – which indicates if the user has MFA Enabled.   This is a read only column.

screengrab of user manager table with MFA highlighted