Some Multi-Factor Authentication Users are encountering a defect upon the first login to ETO.
Some Multi-Factor Authentication Users are encountering a bug upon the first login to ETO using MFA.
The users Country Code in Manage User Accounts is defaulted to Afghanistan after their first MFA login attempt, making their phone number "invalid". This issue can be remedied by changing the users country code back to US or CA in Manage User accounts. They can then login and will not experience the issue again.
Disclaimer: If you wish to purchase Multi-Factor Authentication for utilization, you will need to get in contact with your Account Manager.
Step 1: Set up User accounts.
From the Navigation Bar, go to Site Administration > Manage User accounts, and edit users, adding the phone number to each user's cell phone field. Land line phones can be entered into this field, however users will receive an automated voice call instead of a text message.
Update the Cell Phone field and click Save and Close.
The information can also be batch uploaded into the system using the "Batch Upload User Upload" functionality. (Site Administration > Batch Upload) Cell phone will be a required field to complete the user Batch Upload after MFA is enabled by Social Solutions.
Users can also update their own phone numbers by clicking their name in the upper right hand corner of ETO Software and clicking on Manage My Account. They will now have cell phone as an option:
Step 2: Bypass MFA
To indicate that a user should not receive Multi Factor Authentication, Go to Site Administration > Manage User Accounts > Edit the User > Check the Bypass MFA box > Save and Close.
Step 3: Set Limits for Authentication
Navigation Bar > Enterprise > Manage My Enterprise >Multi Factor Authentication
Adjust "Days before a User must re-authenticate" to a number between 1 - 60.
Adjust "Limit Number of Authentications (Current Usage: 0)"
Select the number of days before a user must authenticate the their account. Best practice is to set this between 30 to 60 days. This will determine the frequency that the user will receive instructions to authenticate their account via cell phone.