What is MFA/2FA
MFA stands for Multi-Factor Authentication, and 2FA is 2-Factor Authentication. In strict terms, 2FA is a subcase of MFA (i.e. multi-factor means any number of factors from 2 upwards), but in many cases both terms are used interchangeably.
Configuring MFA adds an extra layer of security to your NutriAdmin account. Once it is set up, you access your account via:
- Something only you know (your password)
- Something only you have (your mobile phone)
This makes your account more secure because, to gain unauthorized access to your data, a cyber-attacker would have to both guess your password and gain access to your phone.
MFA is quite standard for web applications that store private data, and you may have already seen this technology elsewhere on the web. If you configure MFA for NutriAdmin, you will see a screen like the one below when you log in (after you successfully enter your password).
On this screen, you will have to provide a unique code generated by your authenticator app (typically on your smartphone). If your authenticator app is unavailable, you can also receive your code via text as shown below:
It is recommended that you set up this extra layer of security to better protect your data.
Setting up MFA in NutriAdmin
Follow these steps in order to configure MFA for your account.
Step 1: Log in to NutriAdmin and click on your name in the top-right corner of the screen. Select My Profile.
Step 2: Find the section for MFA. It is on the right side of the screen on larger screens; on a small screen, scroll down to find it. Click on Set up 2-Factor Authentication.
Step 3: A modal window will open up showing a QR code and a secret code that can be entered manually. You can see an example in the screenshot below (part of the codes has been hidden). You will need to use an authenticator app on a smartphone or other supported device.
An authenticator app is a third-party app that is usually installed on a smartphone. The app can sync with a unique code generated by NutriAdmin and then produce a 6-8 digit code that changes every 30 seconds. When you log in, you will be asked to enter the code produced by your authenticator app. This way, even if someone had access to your password, the secret code produced by your authenticator app is also required, and only the person physically holding the device that was synced initially can produce such a code.
You can search online for more information about authenticator apps. One of the most popular free authenticator apps is Google Authenticator, provided by Google. You can check the link below for more information:
Other authenticator apps are available. You can choose your favourite. If you have configured MFA with other online services in the past, then it's likely you already have an authenticator app installed on your smartphone. You can re-use the same app you use for other software and just add an extra code for NutriAdmin.
Step 4: Once you have an authenticator app on your smartphone or other device, please scan the QR code or enter the long secret code manually in your authenticator app. If you do this successfully, then the authenticator app will provide you with a 6-8 digit code that changes every 30 seconds.
Enter the code produced by your authenticator app in the modal window in NutriAdmin. Then press Activate 2FA.
If you have synced your device correctly, then the page will automatically refresh. You should now be able to see MFA Enabled marked with Yes.
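How the authenticator app and the server arrive at the same code in Steps 3 and 4, as an added example (not NutriAdmin's code). It assumes the standard TOTP algorithm (RFC 6238 with HMAC-SHA1) that apps such as Google Authenticator implement; the sample secret, the `verify` helper and its `drift` and `last_used_counter` parameters are constructed for illustration.

```python
import base64
import hashlib
import hmac
import struct
import time

STEP = 30  # seconds each code is valid for, as described in Step 3

# Constructed sample secret (the RFC 6238 test key), base32-encoded the way
# a "long secret code" is typically shown next to the QR code.
SAMPLE_SECRET = base64.b32encode(b"12345678901234567890").decode()


def hotp(secret_b32: str, counter: int, digits: int = 6) -> str:
    """RFC 4226: HMAC-SHA1 over the counter, then dynamic truncation."""
    cleaned = secret_b32.replace(" ", "").upper()  # users often type spaces
    key = base64.b32decode(cleaned + "=" * (-len(cleaned) % 8))
    mac = hmac.new(key, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)


def totp(secret_b32: str, now=None, digits: int = 6) -> str:
    """What the authenticator app displays at time `now`."""
    now = time.time() if now is None else now
    return hotp(secret_b32, int(now) // STEP, digits)


def verify(secret_b32, submitted, last_used_counter, now=None,
           digits=6, drift=1):
    """Server-side check (hypothetical helper).

    Accepts codes from `drift` time steps either side of the current one
    to tolerate clock skew, compares in constant time, and rejects any
    code whose counter is not newer than the last accepted one, so an
    observed code cannot be replayed. Returns the matched counter (to be
    stored as the new last_used_counter) or None.
    """
    now = time.time() if now is None else now
    current = int(now) // STEP
    matched = None
    for counter in range(max(0, current - drift), current + drift + 1):
        expected = hotp(secret_b32, counter, digits).encode()
        ok = hmac.compare_digest(expected, str(submitted).encode())
        if ok and counter > last_used_counter:
            matched = counter
    return matched
```
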
Setting up a backup authentication method via SMS
It is recommended that you also set up backup authentication via SMS. This way, if you lose your phone or if you lose access to your authenticator app, you will still be able to provide your second factor for authentication by receiving a code via SMS.
Step 1: To set up SMS codes, please navigate to the user profile page, then click on Set up backup SMS authentication.
Step 2: Enter your phone number and country code, then click on Confirm phone. Please make sure you enter a phone number that can receive texts via SMS, and do not choose a shared phone that other people have access to, as this could compromise security.
Step 3: If done correctly, you should receive a text via SMS on your phone. Enter the code received via text and click Submit Code. If the code matches, then the page should be refreshed and you will see the status of Backup SMS as Active.
What happens if you get locked out of your account
If you lose your authenticator app/smartphone and no longer have access to your smartphone, authenticator app, or phone number, you will have to contact support at NutriAdmin. Your case will be evaluated individually, and the NutriAdmin team will help you regain access to your account once your identity has been verified and security checks have been passed.