Multi-Factor Authentication offers an additional layer of security by requiring users to confirm their identity before signing into an account. CatalogIt supports the option for users to enable Multi-Factor Authentication (MFA), or Two-Factor Authentication (2FA), via an Authenticator app or SMS text message.  Account owners can verify if their users have MFA enabled.

Enabling MFA

To enable MFA for your user login:

• Log in to your CatalogIt account.
• Select your Main Menu.
• Select Settings.
• Under User Settings, select Multi-Factor Authentication.

You'll arrive at the following screen that presents the options for enabling MFA for your user login:

You can select to use an Authenticator app, such as ones offered by Google or Microsoft, or receive an SMS text code to your phone number.

Authenticator App

An authenticator app verifies access to an account by generating one-time, temporary passcodes, or pushing notifications to a mobile device. Users who choose to enable MFA via an authenticator app will need to provide a one-time code from the app upon logging in to CatalogIt.

To enable MFA via an authenticator app, select Configure by the option for Authenticator App.

Within your authenticator app, locate the option to add a new user login through scanning a QR code or entering a setup code.

Scan the QR code on the CatalogIt configuration screen, or copy the setup code from the configuration screen to paste into the authenticator app's code field.

Upon successful configuration, one-time passcodes will generate within the authenticator app for your CatalogIt login.

SMS Number

Enabling MFA via SMS text code verifies access to an account by sending a one-time passcode to a valid phone number. Users who choose to enable MFA via SMS will need to provide a phone number that can receive text messages. 

To enable MFA via SMS text code, select Configure by the option for SMS Number.

Enter a valid phone number that can receive text messages, and select Send Code.

The SMS number option will now display the configured phone number on the main Multi-Factor Authentication screen.

Disabling MFA

To disable MFA for your CatalogIt user login:

• Log in to your CatalogIt account.
• Select your Main Menu.
• Select Settings.
• Under User Settings, select Multi-Factor Authentication.
• Select Configure by your enabled MFA option.
• On the confirmation screen, select Disable.
• Both MFA options will appear as “Not Configured” on the main Multi-Factor Authentication screen.

Checking User's MFA Status

Account owners can see if users on the account have MFA enabled. MFA is currently optional for users; account owners cannot enable, or disable, MFA for other users. As an extra precaution, account owners who prefer to have MFA enabled on all user logins can add or set a user's access as read-only. Once the user has enabled MFA, the account owner can then change the user's access from readonly to any other user permission.

To check the MFA status of your account's users:

• Log in to your CatalogIt account.
• Select your Main Menu.
• Select Settings.
• Under Account Settings, select Users.
• Check for an Enabled status in the MFA column.