Introducing MFA to accessplanit
accessplanit's latest update has recently launched for all customers and we are so excited to unveil lots of new features that will improve the way you use our training management software. One of the biggest updates from this release is multi-factor authentication (MFA).
Watch our 'Keeping Your Platform Secure' webinar for a full rundown of all the security features available in your accessplanit platform, including a demonstration of how to set up MFA with our Customer Support Advisor, Stuart.
But what is MFA, what are the benefits of MFA and how do you set up MFA? In this blog, we’ll run down the answers to these questions and how they pertain to your accessplanit platform.
Designed to improve the security of your training management system, MFA is considered essential for some security certifications and is an easy-to-use tool that further solidifies accessplanit as the top training management software.
What is MFA?
Multi-factor authentication, sometimes called two-factor authentication (2FA), is an extra layer of protection for online accounts on top of the standard username and password.
To access an account with MFA set up, a user would firstly need to know the correct username and password, and then be able to authenticate that they are who they say they are with an additional check. This often takes the form of a temporary code or password sent to the user on another platform, or a biometric check, like their fingerprint.
MFA is based on two factors - things you know (such as your password) and things you have (such as a smartphone).
Different types of MFA
How does MFA work? There are a few different methods that can be used, including authenticator apps that are downloaded to your phone which display a one-time passcode (OTP). Similarly, there is also the option of SMS messages which send a code to the user's phone number.
accessplanit's MFA method uses email. When users request to log in, they will receive a code in their inbox. This option is not only highly accessible (there's no need to download any additional software and all you need is an internet connection) but also benefits from the security measures that many email providers have as standard.
Why should I use MFA?
The choice is yours on whether you'd like to have MFA set up in your accessplanit platform (and which users would require MFA to log in), so what are the benefits of MFA and why should you consider making use of this new feature? Here are some advantages of MFA:
Improved security
The most obvious benefit of MFA is the enhanced level of security that it offers. When MFA is enabled, it offers an additional layer to fight against cyber threats because it requires users to identify themselves by more than a username and password, using different a different device or software. This makes it difficult for unauthorised users to fraudulently access accounts that they shouldn't - even if they know the password.
Mitigating password vulnerabilities
Similarly, it's well known in the world of cyber security that passwords are vulnerable to attacks, such as phishing, keylogging, brute force attacks or data leaks. These risks are mitigated when an account is protected by more than just a password and a second form of verification is needed.
Compliance
Many regulatory standards and security certifications (such as GDPR, HIPAA and PCI DSS) recommend or require the use of MFA for you to be considered fully compliant, in order to ensure the protection of sensitive data. This feature has been highly requested by our customers for this reason.
How to set up MFA in accessplanit
You'll need to be a Super Administrator to turn MFA on and off. From the Administration tab, you can access the 'Security Options' menu where you can enable or disable MFA.
Before you do this, however, you'll need to make some key decisions. This includes which users will require MFA on their logins, based on their roles. You can choose any combination of Super Administrators, Training Administrators, Trainers, Customer Managers and Individuals.
You also need to decide how your company's name should appear in MFA emails.
Speak to a member of the accessplanit team about your preferences before you switch MFA on. We'll put these in place for you, offering peace of mind that MFA will work exactly as required.
How MFA works in accessplanit
1. The first time someone tries to log in after MFA has been turned on, they will be prompted to set up MFA by confirming their email address. After this login, they will not be able to change their email address when logging in.
2. After they have entered a valid username and password, users will be sent a one-time passcode to their email address.
3. Enter the code for access to the account. The code will be valid for 15 minutes and users can have up to 3 codes in a 24 hour period. After 5 incorrect codes, the account will be locked.
Note: MFA will be required from relevant users on all login routes every time they try to access your platform from a new browser or device, or every 120 days on familiar browsers or devices. MFA does not work where single sign-on (SSO) is enabled, but most SSO services have their own security measures such as MFA which you can enable.
Conclusion
We are so excited to share this latest release with our customers! We are dedicated to ensuring the security of our customers' (and their customers') data, evidenced by us being the only training management software to have the Cyber Essentials Plus certification - and introducing MFA is just another example of this.
Find out what the other big updates were in this release in our blog post: Top 3 Features from accessplanit's April 2024 update.
If you have any questions, concerns or need help with setting MFA up, don't hesitate to reach out - either to your dedicated Customer Success Manager or to our Support Team, available online and on the phone, Monday to Friday, 9am-5pm.
We are always looking for ways to improve our training management software and customer service and your input is very important to us, so be sure to let us know any feedback, too!