MFA (Multi-Factor Authentication) setup guide

WARNING

MFA is not available to accounts being served by Single sign-on. In this case, your identity provider will provide the MFA functionality.

Keeping your account secure is crucial, and enabling Multi-Factor Authentication (MFA) with Time-Based One-Time Passwords (TOTP) provides an extra layer of defense. TOTP works by generating temporary codes on an authentication app, ensuring that only you can log in—even if your password is compromised. Unlike SMS-based authentication, TOTP codes are not transmitted over the network, making them more resistant to phishing and interception attacks.

Setting up MFA with TOTP is quick and significantly strengthens your account security. Enabling it helps safeguard your information and reduce the risk of unauthorized access.

Some examples of authenticator apps that can be used for TOTP MFA are:

• Google Authenticator
• Microsoft Authenticator
• Authy
• 1Password
• FreeOTP
• Bitwarden

Enabling MFA on your Civillo account

You enable MFA from your user profile.

1. When signed in, in the upper-right corner, click your user name and then click the Profile button. You can also follow this link (opens new window).

2. Navigate to the section titled Multi-factor authentication.

3. Change the Type to TOTP and click Enable.

4. A dialog will show containing a QR code.

5. Open the authenticator app of your choice and navigate to where you add a new entry (this will depend on the specific app you use).

6. Using the app, scan the QR code. When detected, the entry should be added to your app automatically and it should start generating time codes

7. Enter the code shown in the app into the confirmation code entry in the dialog in Civillo and click Confirm.

8. You should get a Success message. MFA is now enabled for your account.

After enabling MFA, after entering your username and password, you will be required to enter the TOTP code from your authenticator app. Don't lose it or you will need to contact Civillo support to get access to your account again.

Disabling MFA on your Civillo account

Disabling MFA can be useful when you want to remove your authenticator app or setup with a new one. We advise against disabling MFA for convenience reasons.

1. When signed in, in the upper-right corner, click your user name and then click the Profile button. You can also follow this link (opens new window).

2. Navigate to the section titled Multi-factor authentication.

3. Click Disable.

4. A dialog will show for you to enter a TOTP code. Enter the TOTP code from your existing authenticator and click Confirm.

5. You should get a Success message. MFA is now disabled for your account.