What is Multi Factor Authentication (MFA) and how does it work?

• Multi-Factor Authentication (MFA) is a security enhancement introduced on the Resilinc platform to better protect user accounts from unauthorized access. It requires users to complete an additional verification step—beyond the standard username and password—by entering a one-time code sent to their registered email address.
• This feature is available for both Customer and Supplier portals and applies to:
  • Web Login page
  • Mobile app Login Page
  • Registration Page
  • Event Response Page (for suppliers)

Note: SSO (Single Sign-On) users are exempt from this requirement.

• How it works:

1. Web Login Process:

• 
  
  • After entering your username and password, click 'Proceed'.
• 
  
  •  
  •  
  • A verification code is sent to your registered email address.
• 
  
  •  
  •  
  • Enter the code and click 'Validate & Log in'.

2. Mobile app Login Process:

• 
  
  • After entering your username and password, click 'Proceed'.
• 
  
  •   
•  
  • A verification code is sent to your registered email address.
  • Enter the code and click 'Validate & Log in'.

3. Registration Process:

• 
  
  • Once you fill out all the details on registration page and clicks on proceed, a verification code is sent to your email.
•  
  •  
• 
  
  •  
  •  
  •  Enter the code and click 'Validate & Register' to complete the process.

4. Event Response (Suppliers Only)

• 
  
  • Post receiving supplier impact notification email, when supplier user clicks on the event response link from email, a code is sent to user’s inbox.
• 
  
  •  
  •  
  • Enter the code and click 'Validate & Proceed' to confirm the response.
• MFA Configuration Options
  • On the customer portal, only Company Admin can access and configure the MFA settings. This setting can be configured from:

Customer Portal → Preference & Notifications Settings → Global Settings

• 
  
  • On the supplier portal, only user with Crisis Manager role can access and configure the MFA settings. This setting can be configured from:

Supplier Portal → System Settings

• 
  
  •  Admins can choose from:
    • Every Login – Code is required each time you log in.
    • Once Every 3 Months (Default) – Code is required once per quarter.
    • Disabled – MFA is turned off (not recommended).
  • Default MFA setting is set to Once Every 3 Months. However, whenever admin user tries to change this setting, the setting would be freeze for next one month and when he selects a different option and clicks on Save button, he gets a popup saying “MFA settings cannot be changed for 30 days. Confirm to proceed”.

Attachments (11)

1dac8694-d90....png
72.2 KB

47a10620-d2e....png
64.2 KB

28c7b0f6-961....png
116 KB

99601c98-8fb....png
119 KB

69da7e5b-a0b....png
127 KB

56a73ae2-535....png
233 KB

cae477a3-35e....png
137 KB

fabca9c8-ea4....png
394 KB

672c841c-787....png
233 KB

f29be5ea-4e7....png
413 KB

c42d0b12-2fc....png
403 KB