Article Details
Id:21141
Product:finPOWER Connect
Type:NEW
Version:4.01.00
Opened:25/01/2024
Closed:05/03/2024
Released:29/04/2024
Job: J032789
High Importance

Portals; Multi-Factor; Authenticator App; New options to allow Clients to bypass the Authenticator App and receive a code via Email instead

The Portals form, Multi-Factor page has two new checkboxes:

  • Allow Client to receive MFA code via Email if unable to use Authenticator App?
    • Allow Client to set this as their default?

These options are enabled for Client-based Portals that have their Multi-Factor Authentication Method set to "Authenticator App".

This allows Clients who do not have access to the device running the Authenticator App (e.g., they have lost it), or find Authenticator Apps confusing, to still access the Portal.

Clients will see a new link at the bottom of the "Setup Multi-Factor Authentication" dialog to:

Send security code via email to test*.co.nz

Upon sending the code, if the "Allow Client to set this as their default" option is checked on the Portal, the Client will be prompted to "always use email for Multi-Factor Authentication".

No changes were required to the built-in Login form since the new link allowing an Email code to be sent is part of the message (i.e., "Enter the 6-digit code displayed in your authenticator app").

NOTE: The initial Authenticator App step, involving a QR code will still show for Clients every time they sign in if they used an email code instead of an Authenticator App to access the Portal the first time (providing they have not opted to set email as their default).

When the Client is sent an email containing a security code, it is logged in the activity log for that Client. This means, in Portals such as the Client Connect sample, viewing the "Recent Activity" tab will show an entry with a type of "Client Portal Information". If you are using an updated copy of the Client Connect Portal then you will also see details such as:

Authenticator App code sent to email test*****.co.nz