Skip to main content

How does MFA/2FA work?

Updated

This guide explains how Multi-Factor Authentication (MFA) works within the Jumptech platform, enhancing the security of your user accounts.

 

What is MFA?

 

Multi-Factor Authentication (MFA) is a security system that requires more than one method of authentication from independent categories of credentials to verify a user's identity for a login or other transaction. In simpler terms, it adds an extra layer of security beyond just your password, making it significantly harder for unauthorized individuals to access your account.

 

How MFA Works in Jumptech

 

MFA in Jumptech operates in two primary stages:

 

1. Tenant-Level MFA Enablement (Administrator Action)

 

  • Who enables it? MFA must first be enabled at the tenant (organisational) level by Jumptech support or other authorised personnel.
  • Why is this necessary? Until MFA is enabled at the tenant level, the MFA settings for individual users will appear greyed out and cannot be activated.
  • Setup: Enabling MFA at the tenant level requires some initial setup by Jumptech support.

 

2. User MFA Activation (Individual User Action)

 

  • When can users activate it? Once MFA has been enabled at the tenant level, individual users can then activate MFA for their own accounts.
  • Where to find it: You will find the option to enable MFA within the "Security, Authentication" section of your user settings.
  • Enhanced Security: Activating MFA provides a strong authentication option, adding a crucial layer of security to your login process beyond just your password.

 

MFA Enforcement and Limitations

 

  • Mandatory MFA: For some tenants, MFA may be marked as mandatory by default, meaning all users within that tenant will be required to use MFA for their logins.
  • No Third-Party Integration: Currently, Jumptech's MFA is provided natively within the platform. Jumptech does not support integration with third-party identity assurance services or Single Sign-On (SSO) solutions.

 

Security Context

 

MFA is an integral part of Jumptech's comprehensive security policies and controls. These measures are designed to protect user access and data on the platform. Beyond MFA, Jumptech's authentication framework also includes:

  • Password Policies: Rules governing the strength and complexity of user passwords.
  • Account Lockout Mechanisms: Systems to prevent brute-force attacks by temporarily locking accounts after multiple failed login attempts.

 

Summary of MFA in Jumptech

 

To summarize, Jumptech's MFA system requires a two-step process:

  1. Tenant-level enablement by Jumptech support or authorized personnel.
  2. Individual user activation once it's enabled for the tenant.

This process ensures an extra layer of security during login, significantly enhancing the protection of your Jumptech account and data.

 

Steps to activate

  1. Log in to your Pathway account
  2. Go to the "Security, Authentication" section of your user settings.
  3. Tick the SMS box in the 'Multi Facytor Authentication' section
  4. Be sure to check the mobile number is correct
  5. Click on Save or Update to activate the feature
  6. When you next log in, the system will require a code before proceeding.

Related to

Related articles

Comments

0 comments

Article is closed for comments.