Why is MFA important?

Multi-Factor Authentication adds an extra layer of security by requiring not only a password but also a second verification method, such as a code from an authenticator app. This greatly reduces the risk of unauthorised access, even if your password is compromised. As security threats continue to evolve, and given the type of data you store in intelligentgolf, it is crucial to stay ahead by implementing robust measures like MFA.

How to enable MFA

YOU CAN WATCH A DEMONSTRATION HERE

To enable MFA, please follow the steps below:

1) Click the "Click here to enable MFA now" button in the webmaster alert.

2) Download your preferred Authenticator App. We recommend the Google Authenticator App , but you are free to use any authenticator app of your choice. We have provided links to the App Store and Play Store from the verification screen so you can ensure you are downloading the correct app.

3) Using the Authenticator App, click "Scan QR Code" or "Add."



4) Your phone will now open a camera; use your phone to scan the QR code displayed on the verification screen.

5) The Authenticator App will now generate a 6-digit code that changes every 30 seconds.

6) Enter the 6-digit code into the input fields provided and click "ENABLE."

That’s it, you are now MFA enabled!

Logging in:

From then on, when logging into the platform, you will be prompted to enter the 6-digit code from your authenticator app. This will replace the Secondary Authentication password you previously entered when accessing webmaster-only pages.

Please see the video below showing the new login process:

For days when administrators do not have access to their device, we have provided webmasters with the ability to "Generate Backup Codes".

Navigate to Admin > Security Admin > Admin Unlock:

In this screen, you can reset MFA for a given user, generate backup codes, and, for now, generate secondary authentication codes for users who are not yet enabled for MFA.

• Reset MFA: Resetting MFA will restart the process above, meaning that the webmaster must re-enable MFA. This should only be used if the user loses permanent access to their device, for example, if they get a new phone with a new authenticator app.
• Generate Backup Codes: This should be used to provide temporary access to the system for a day if the user forgets their phone. They should then use their own device or reset if they change their phone.
• Generate Code: This will still be used for other administrators using Secondary Authentication until all users have transitioned to MFA.

To use the backup code when logging in, click "Lost access to you authenticator app?" on the MFA screen:



The user can then enter the 8 digit back up code that anther webmaster generates for them:

Please see a video on this process below: