Overview
Multi-Factor Authentication (MFA) is a security system that requires a second form of authentication to confirm a user’s identity before granting access. MFA is required by default.
PDQ account owners and administrators can allow their users to choose their preferred MFA option from the three options below, or they can enforce a single option across their entire organization.
PDQ Auth currently supports three forms of MFA:
-
Authenticator Apps
Authenticator apps are third party applications used as a form of Multi-factor Authentication (2FA). Once linked to your account, after entering your password during login you will be prompted for a temporary, time-based one-time password (TOTP), which only remains valid for a brief period of time - typically 30 seconds. This code is required as a second authentication factor.
Popular authenticator apps include Google Authenticator, Microsoft Authenticator, and 2FAS.
-
WebAuthn
WebAuthn is a hardware based security method, for example biometrics on a smartphone (facial recognition) or laptop (fingerprint).
-
SMS
SMS authentication requires a mobile phone number to be registered to the account. A temporary passcode is then sent via text message (SMS) to the number associated with the account during the login process and is required to be entered for authentication.
How to Setup or Change MFA (as an individual user)
Users are not required to configure MFA on account creation. However, by default, all accounts require a 2FA method. If this is not changed by an administrator, users will be prompted to configure a valid 2FA method on their next login.
As an individual user, you can manually add an MFA method to your account through the portal by navigating to your profile: https://portal.pdq.com/profile.
In the MFA section, select an MFA method from the list of available methods.
You will be prompted to authenticate with an existing method of MFA before continuing, and then you will be taken to the appropriate setup flow for the new method to complete setup.
MFA Setup for Authenticator app:
MFA Setup for WebAuthN
MFA Setup for SMS
Once you have successfully added a MFA method, you will be redirected back to the portal.
Upon next login, you will have the newly added method available to use as MFA verification.