MFA administration

Multi-factor authentication (MFA) makes accounts more secure by asking for single-use security codes when users sign in. This article for administrators explains how to manage MFA in Attend Anywhere.

If you’re looking for help for your Attend Anywhere account, visit Multi-factor authentication (MFA).

Users can receive their code in one of two ways:

  • Authenticator app on their mobile device

  • Email sent to their registered account address

Both methods are always available, but the order may change depending on the sign-in link—for example, Near Me prioritises email.

Availability

MFA is not enabled for everyone. The following table shows where MFA is enabled:

MFA enabled

Sign-in links

Yes

No

After MFA is enabled for your site, staff need to set it up on their own accounts. Usage reporting can help identify who has not done so.

Set up MFA for an organisational unit

You can set MFA for your organisational unit as:

  • Prompted where users see a message recommending MFA setup. They can skip it, but the prompt will keep returning until they complete setup or skip for a set time.

  • Optional where users decide whether to set up MFA. They are not prompted.

If you set the MFA-security-policy to Prompted, the following happens:

  • People without MFA will see a prompt when they sign in. For some, the prompt may be delayed by up to an hour because Attend Anywhere caches account details.

  • Attend Anywhere does not block users without MFA—it only recommends setup.

  • If an account holder clicktaps Set up later, the prompt will disappear for 5 days. Someone may see the prompt if they are members of other organisational units, or use a different device or browser.

Set MFA policy for an organisation unit

Follow these steps:

  1. In the console, ClickTap Organisational Units.

  2. ClickTap the organisational unit that you want to update.

  3. ClickTap Multi-factor Authentication (MFA) in the sidebar.

  4. Select Prompted or Optional.

  5. ClickTap Save.

  6. ClickTap Yes (if asked to confirm).

Configuration summary

Scope

Who manages it

What they can do

Notes

Organisational unit

Administrator (organisations)

  • Security policy

Either Prompted or Optional policies.

Account

Administrator (roles)

  • Turn off MFA for staff accounts

  

Account

Account holder

  • Change how they receive their security codes

  • Turn MFA on1 and off2

  1. Always

  2. Only when the security policy is Optional

Turn off MFA for an account

If someone loses access to their authenticator app or can’t receive codes (and you have permission to assign roles) follow these steps:

  1. From the main menu, clicktap Users. The Users screen opens.

  2. Find the user you need and clicktap the user in the list.

  3. ClickTap MFA Settings…

  4. Select Turn off MFA for the user.

  5. ClickTap Disable MFA.

This resets MFA for that person. At next sign-in, they will be prompted to set it up again.

Turn on MFA for an account

 You cannot turn MFA on for a user account. Contact the person and ask them to turn on MFA, using an authenticator app on their mobile device.

Report usage

To quickly find users who have turned on MFA, follow these steps:

  1. From the main menu, clicktap Users. The Users screen opens.

  2. Set MFA Settings to MFA on.

  3. ClickTap Search.

For more formal reporting of MFA usage, do the following:

  1. From the main menu, clicktap Reports. The Reports screen opens.

  2. Scroll down to find the Platform accounts card.

  3. ClickTap Download report (CSV).

  4. After the file has downloaded, open it in your text editor or spreadsheet app.

  5. Check the MFA Status column in the main data table.

The MFA-status value is the status of the account when the report is generated—not the status during the reporting period. To learn more about the Platform-accounts report, visit Detailed reports.

Help and support

 

See also:

Multi-factor authentication (MFA)

View user profiles