Skip to main content

Enabling two-factor authentication (2FA / MFA)

  • Updated

Two-factor authentication adds an additional level of security by asking for a verification code after entering your password.

To enable this feature you must have a two-factor authentication app installed on a handheld device e.g. Google Authenticator. Please use a secure device.

Role required: Any

Enabling two-factor authentication

To enable two-factor authentication click on your initials in the top right of Form and then select Security.

Enabling: Select the Enable Two-factor Authentication button.

Scanning: Open the two-factor authentication app on your handheld device and scan the QR code displayed on screen.
Note: Your two-factor authentication app may require it's own steps, like adding a new account.

Verification: Once scanned you will receive a verification code on your mobile app, enter this code into the verification code field on screen.

Once the code is entered select verify and update. Two-factor authentication is now enabled. The next time you login you will be asked to enter a code generated from the authenticator app.

Disabling: If you no longer want two-factor authentication, you can disable it by selecting Disable two-factor authentication.  Your account will no longer have this extra level of security and the next time you login you will only need your password.

 

2FA/MFA (multi-factor authentication) and Single Sign-on (SSO)

When logging in, learners have the option of using either Single Sign-on (SSO) authentication OR Multi-Factor Authentication (MFA). However, these two methods cannot be combined for the same user simultaneously. If both are active and set up, then once SSO has been selected at login, 2FA/MFA is ignored. 

If a learner uses SSO:

  1. Form LMS will redirect them to their organization's authentication system after validating their username/email. 
  2. The organization's security rules and settings will apply
  3. Any login settings configured in Form LMS (such as 2FA/MFA) will be ignored

SSO is not enforced. Users will always be able to use the standard authentication (username/email and password). This means an organisation can use SSO for those users within its network and standard authentication/2FA MFA for those outside it. 

2FA/MFA Authentication is also not enforced. It is an option for users to use at their discretion. 

Related articles