Multi-factor authentication

Multi-factor authentication provides an additional layer of security for data on a DXA account.

Enabling multi-factor authentication on a DXA account

  1. On the navigation bar, go to Settings button settings > Account Settings > Security and click Authenticator App (TOTP).

  2. Select Authenticator App (TOTP) Verification Enabled.

    Authenticator App (TOTP) authentication settings

  3. Click Save.

Multi-factor authentication is now enabled on the DXA account. Users must download Google Authenticator (or Microsoft Authenticator for Windows Phones) on their mobile device to log in to DXA.

Using multi-factor authentication to log in to DXA

Upon your first login after configuring Google 2-Step Verification, having typed in your username and password, you will be asked to configure two-step verification.

From your Google/Microsoft Authenticator app, you will need to either scan the barcode that you are presented with, or enter the secret key that you are shown in the DXA login screen. Once done, you will be presented with a six-digit verification code in Google/Microsoft Authenticator that you will need to enter in the Verification Code field before clicking Continue. This code will reset every 30 seconds.

Having configured this the first time, future logins will simply require your username and password, before asking you for a six-digit verification code that can only be found in your Google/Microsoft Authenticator app.

Checking if users have configured multi-factor authentication on their mobile device

  1. On the navigation bar, go to Settings button settings > Account Settings > Users.

  2. In the table, in the Actions column, click Edit for the user you want to check.

  3. Click the MFA tab.

A message appears telling you if the user has configured multi-factor authentication.2FA tabIf multi-factor authentication is configured, you can reset the configuration by clicking Reset. This will require the user to re-configure their authentication using the barcode or secret key to link to the Google or Microsoft Authenticator app.