Skip to main content
All CollectionsGetting StartedAdvanced system settings and options
Enable multi-factor login with an Authenticator App
Enable multi-factor login with an Authenticator App

Also known as 2-factor authentication or MFA/2FA. Use Microsoft Authenticator or Google Authenticator to sign into OpenWater

Kunal Johar avatar
Written by Kunal Johar
Updated over 3 weeks ago

Email Verification is a simple multi-factor option that emails the user a one-time code to sign in. While this meets requirements of many multi-factor compliance regulations, it is not as secure as a time based token.

  1. Go to System Settings > System Features, and enable Multi-Factor Authentication Mode for Admins or for All Users
    ​

  2. Then choose the Authenticator App Verification

3. The next time a user logs in, they will see a screen similar to the following:
​

4. Then going forward they will be asked for a code to login which they can get from their phone

5. If a user forgets their town, an admin can reset it in the same screen used to reset a password. (Applicants > Search > Tools)
​

6. If you are an admin and forgot your own token, another admin or OpenWater support can reset it for you

Now when admins login, they'll be greeted with the usual admin login page. If they select "remember me," then they will not be asked to complete the MFA Challenge again for 2 weeks. This is on a sliding expiration, so if an admin logs in again in that 2 week period, then the timer will be reset to be 2 weeks again from that point. Another important consideration is that this is cookie based, so if you clear your cookies, it will remove your pre-authorization.

Did this answer your question?