Multi-Factor Authentication (MFA)

Multi-factor authentication provides additional account security by prompting users to enter an additional code when logging in to ICA.

The code is generated automatically by the users authenticator device, typically an app on their smartphone, and changes frequently.

Enable Multi-Factor Authentication

Login to ICA and open the user's account menu in the top right.

Select Enable MFA to open the Enable Multi-Factor Authentication modal.

Account Menu > Enable MFA

Enable Multi-Factor Authentication modal

Using an authenticator app. (Any will do, below are links to the Google Authenticator app)

Use an authenticator app to scan the the QR Code that is displayed.

Once the app has scanned the QR Code it will provide the user with a code that changes every 30 seconds, enter this code into the Authentication Code field and click Save.

That account is now registered for Multi-Factor Authentication.

Log in with Multi-Factor Authentication enabled

When a user logs in with Multi-Factor Authentication enabled they will be prompted for an authentication code.

The user must enter the current code from their authenticator app.

Login using MFA

Mandatory Multi-Factor Authentication

Mandatory multi-factor authentication can be enabled for specific Security Groups. Any user or operator in the security group will be required to enable multi-factor when logging in to ICA.

Disable Multi-Factor Authentication

Note: This option is not available if mandatory multi-factor is enabled for the user.

Login to ICA and open the user's account menu in the top right.

Select Disable MFA to open the Disable Multi-Factor Authentication modal.

Account Menu > Disable MFA

Disable Multi-Factor Authentication modal

Enter the current code that appears in the user's Authentication app and click save.

Disable Multi-Factor Authentication as an operator.

This requires an operator with privileges to edit operators.

Disabling Multi-Factor Authentication for operators

Login to Patriot, then navigate to the operator menu.

Operator menu on the security tab

Select the operator that needs Multi-Factor Authentication turned off.

Disable Multi-Factor Authentication on an operator

Select the Disable Multi-Factor Auth button.

If the operator has mandatory multi-factor authentication, they will be prompted to re-enable this on next login.

Disabling Multi-Factor Authentication for users

Open the user's User Details page in either the Users tab of a client or under User Maintenance.

In the Remote Access tab select the Disable Multi-Factor Auth button.

If the user has mandatory multi-factor authentication, they will be prompted to re-enable this on next login.

Disable Multi-Factor Authentication on a user