Docy Child

Setting up Multi-Factor Authentication (MFA)

Estimated reading: 4 minutes

Multi-Factor Authentication (MFA) is a security feature that means users have to provide an additional form of authentication to access a system.

If you have MFA enabled in LUS, instead of just providing your username and password, you will need to provide a username, password and a verification code.

In LUS the verification code comes from one of two places, depending on which MFA options are selected:

  1. A 6-digit code from an Authenticator App installed on your phone or tablet – this is a Time-based One Time Password (TOTP).
  2. An 8-digit code in an Email sent to your registered email address.

Setting up MFA

To increase the security of your own user account, you can add MFA for yourself.

Once logged into LUS navigate to the User Menu (in the top right corner of the page), then click My Profile; you will see the following:

If you want to use an Authenticator App (e.g. Microsoft Authenticator, Authy, LastPass, 1Password or Keeper) to generate your verification code, set up as below.

To add MFA with an Authenticator App:

  1. Click the Add button.
  2. Add your password when prompted (the password you use to login to LUS).
  3. On the next screen scan the QR code with your authenticator app (e.g. Microsoft Authenticator, Authy, LastPass, 1Password or Keeper) and add the 6-digit code displayed by your app.
  4. On the next screen you will see a list of Backup codes, store these securely, you can use them to login to LUS if you don’t have your Authenticator app or Email available.
  5. Next time you login to LUS you will be asked to input a 6-digit code from your Authenticator App.

Note: If you add Authenticator App, Email verification will also be setup automatically as a backup in case you don’t have access to your device.

If you don’t want to use an Authenticator App you can choose to setup just Email instead, as below.

To add Email:

  1. Click the Add button
  2. Enter your password when prompted.
  3. You will receive an email with an 8-digit code, enter this code when prompted.
  4. On the next screen you will see a list of Backup codes, store these securely, you can use them to login to LUS if email is unavailable.
  5. Next time you login you with your username and password you will receive an email with an 8-digit code. Input this 8-digit code to complete your login.

If you can’t access your Authenticator App or Email

Your Backup codes can be used as a verification code, so use these if you don’t have access to your Authenticator App or your Email.

When you setup MFA you are provided a list of ten 8-digit backup codes. Each of these codes can only be used once, so when you use one it’s a good idea to delete it from your list.

If your list of backup codes is running low you can generate a new list of codes by clicking Regenerate from the My Profile page:

Removing MFA

To remove TOTP or Email MFA from your user account, click the Remove button.

You will be prompted to add a verification code:

  • For Authenticator App, use either a code from your authenticator app or one of your Backup codes.
  • For Email, use either the 8-digit code sent to you by email or one of your Backup codes.

To make MFA mandatory for all users in your account

If you want to make sure that all users in your account are using MFA, get in touch with us and we can make MFA mandatory in your account.

From that point all users in your account will be made to setup MFA on their next login, as above.