Enabling Multi-Factor Authentication
Multi-Factor Authentication (MFA) is a security process that requires users to verify their identity through multiple methods before gaining access to a system, account, or application. It adds an extra layer of security beyond just a username and password.
In addition to the default username-password based authentication, Aayu Accounts allows users to set up a software token based MFA to secure their logins to Aayu Technologies products and services. Currently, users can enable MFA for their own accounts through the User Profile page of Aayu Accounts portal. Once setup, you will be required to provide an MFA code each time you log into any of the Aayu products and services with that user account.
Factors to consider before enabling MFA
- If your user account is being used to access MFT Gateway REST API, do not enable MFA.
- If your user account is being used to access EDI Generator, do not enable MFA.
(EDI Generator does not support MFA enabled accounts as of now. We will be introducing that capability in the near future.)
Installing Authenticator App
Since Aayu Accounts only supports software token based MFA, you are required to have an authenticator app which is capable of generating “Time-based One Time Password (TOTP)”s, on your smartphone. If you haven’t already installed such an app, you can download either the Google Authenticator or Microsoft Authenticator app from the provided links below.
For Android
For iOS
Enable MFA
Once an authenticator app is available, click on the “Enable MFA” button to initiate the MFA process for your account. Then Aayu Accounts will display a QR code and a secret key to be used with the authenticator app.
You can either scan the QR code with your authenticator app or manually add the secret key to it. Once added, authenticator app will start generating “Time-based One Time Password (TOTP)”s corresponding to your account.
After this step, it is a must to complete the Verify MFA device step as well. Without that, MFA will not be activated for your account.
Verify MFA device
As the final step, you will need to verify the MFA device (authenticator app) with Aayu Accounts by providing a MFA code generated by the app for your account. Additionally, you can provide a friendly name to identify the device. Once verified, MFA will be activated for your account.