When MFA is enabled for a user and MFA type is Authenticator Apps,
User will receive Authenticator app configuration mail when user login for the first time after MFA is enabled (This Email will have a QR code and detailed steps to set up the Authenticator app) . We recommend users to use authenticator apps such as Microsoft Authenticator / Google Authenticator Apps.
Users can also use other authenticator apps available in Google Play Store or Apple App Store since all Authenticator Apps use the same algorithms.
There are two commonly used protocols for authenticator apps:
After setup, every time when user login, a new prompt is made requesting a OTP code. User has to enter the OTP code from the configured authentication App (Like Google Authenticator / Microsoft Authenticator)
Authenticator apps generate time-based, one-time passcodes (TOTP or OTP), which are usually six digits that refresh every 30 seconds.
OTP prompt after Login Example (For admin and UCP users)
Trust Device Checkbox
When the user selects the "I trust this device. Don't ask for codes for 7 days" checkbox, after validating OTP user will not be prompted for an authentication code for the next 7 days
If user can't get codes by text, call, or Google Authenticator, they can use backup codes to sign in to PBX. Once the user uses a backup code to sign in, that code becomes inactive. Userman users can generate/ regenerate / delete / download backup codes from UCP Settings.
Steps to configure authenticator app
On the top right click on Vertical three-dot menu > Add Account > Other Account
- Scan the QR Code which is sent through Email from phone or enter the code which is through Email manually in the app. After that, your 2-factor authentication will be configured and the app has been set up properly. Next you may be required to enter the 6-digit code displayed on the authenticator app every time you log in.
- Download Google Authenticator app from either the Apple App Store or the Android Google Play store. It's free.
At the bottom of your screen two options will show up, "Scan barcode" and "Manual entry". You only need to choose one of these options to complete the process. Using the "Scan barcode" option scan the QR Code or can use code which is sent through Email
After that, your 2-factor authentication will be configured and the app has been set up properly. Next you may be required to enter the 6-digit code displayed on the authenticator app every time you log in.