Multi-Factor Authentication (MFA)

This guide will walk you through the secure login process using email-based MFA, ensuring that your account is protected by an additional layer of security beyond your password.

Multi-Factor Authentication is a security method that requires users to provide two verification forms before accessing their accounts. After entering your email and password, you will be prompted to verify your identity by entering a unique code sent directly to your registered email. This process ensures that even someone who knows your password cannot access your account without the email verification code.

What You Will Learn in This Guide:

• How to log in to your space using your email and password.
• How to retrieve and enter the verification code sent to your email.
• How to handle potential issues such as incorrect or expired codes and request a new one.
• How to complete the MFA process and access to the space.

📘

Enabling Multi-Factor Authentication (MFA)

To activate Multi-Factor Authentication (MFA) for your space, please contact our support team. They will assist you with the setup process to ensure your account is securely protected.

Here's a detailed explanation of the (MFA) process for email login to a space, ensuring both ease of use and maximum security for your space account:

1. Initial Login Screen (Space MFA Access - Login):

   • The user is prompted to log in by entering their email address and password on the login screen.
     
     
   
   
   • Once the user enters the correct credentials and clicks “Login,” the system transitions to the MFA process for additional security verification.
     
     

     📘

     NOTE

     In the login process, if a user has access to multiple spaces within the platform, they will be presented with a “Select your space” screen after entering their email and password. This selection is crucial, as each space can have different security settings, specifically whether Multi-Factor Authentication (MFA) is required.

     That is, if the user belongs to multiple spaces, a “Select your space” pop-up appears. The user is presented with a list of all the spaces they have access to.

     Depending on the selected space, the system will either:

     • Prompt for MFA: If the chosen space has MFA enabled, the user will be directed to enter the verification code sent to their email.
     • No MFA Required: If the chosen space does not have MFA enabled, the user is granted immediate access to the space without needing to provide additional authentication.

     

2. Enter Verification Code Prompt (Enter MFA):

   • After the initial login, the system presents a screen asking the user to enter a verification code. The message indicates that a one-time code has been sent to the user’s registered email address.

     The code has an expiration timer, and in this case, it is shown that the code will expire in 13 minutes and 49 seconds. This ensures that the one-time password (OTP) remains valid for only a short period, enhancing security.

     
     
   
   

   • Simultaneously, the system sends a unique verification code to the user’s email inbox.

     
     

   • If the time limit for entering the verification code has passed, the previously sent code is no longer valid.

     
     

     A “Get New Code” button is provided for the user to request a fresh verification code. Clicking this button will trigger the system to send a new one-time code to their email, allowing them to complete the authentication. Once the user clicks the button, they should verify their email inbox again for the new code. After receiving the new verification code, they can enter it in the field and click "Confirm" to complete the login process.

3. Enter the Code (User Inputs Verification Code):

   • The user retrieves the code from their email and enters it into the verification field.

     
     

   • Once the user enters the verification code, they are directed to either press the “Confirm” button to submit the code for validation.

4. Verification Success (Successful MFA Authentication):

   • Once the system successfully verifies the user’s code, they are granted full access to their space. The user is redirected to the main dashboard, which displays important analytics and data specific to the space.

Therefore, this flow ensures an additional layer of security by requiring not just the user’s password, but also a unique, time-sensitive code sent via email. This prevents unauthorized access even if the user’s password is compromised.