Multifactor Authentication (MFA)
Purpose: An additional layer of account security for logging into LegalServer. It allows access to LegalServer only after you enter a username and password and an authentication code you receive by email or via an authentication app.
Cost: None.
Related: Other Two Factor Authentication (2FA) methods are available.
Site administrators: see Multifactor Authentication for Site Administrators for setup.
In this Article:
- Authentication Period
- Initial User Experience
- Configure MFA to Use Email
- Configure MFA to Use an App
- Disabling MFA
- I Lost My Phone / Replaced My Phone (Re-enabling MFA)
Authentication Period
- Authentication lasts 24 hours from when you last entered an MFA code.
- Authentication is specific to a device:
  - Different computers are, unsurprisingly, considered different devices.
  - Different browsers are also considered different devices. If, for example, you log in and authenticate with Firefox, then log in with Chrome, you will be prompted to authenticate again (unless you had authenticated with Chrome within the last 24 hours).
  - A private or incognito window in the same browser is a different device.
Initial User Experience
Hover your cursor over your name in the upper right corner of any page and select “My Preferences”.
On your My Preferences page, select Actions menu > Enable MFA.
Depending on what your site administrators have configured, you can receive your MFA code via email or an app.
Configure MFA to Use Email
The code in the email expires in 15 minutes.
Configure MFA to Use an App
If offered, and you select MFA via an app, follow the prompts.
You need an authentication app on your phone or device. Install one as you would any other app (or as required by your organization). Options include authentication apps like Google Authenticator, Authy, Microsoft Authenticator, and Duo Mobile, or password vault applications like 1Password, LastPass, or Bitwarden.
On the next screen, either: 1) scan the LegalServer MFA QR code to set up an account, or 2) enter the MFA Manual Entry key via the setup key prompt on your device.
The authenticator app will display a 6-digit code for entry into LegalServer’s Authenticator Code section. The codes expire every 30 seconds.
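How an authenticator app turns the Manual Entry key into a 6-digit code that changes every 30 seconds, as an added example that is not LegalServer's code. It assumes the standard TOTP scheme (RFC 6238, HMAC-SHA1) that the apps listed above implement; the key is the constructed RFC test secret, and all function names are hypothetical.

```python
import base64
import hashlib
import hmac
import struct
import time

STEP_SECONDS = 30  # codes change every 30 seconds, as stated above
DIGITS = 6         # 6-digit code, as stated above

# Constructed sample key (the RFC 6238 test secret in base32), not a real account key.
SAMPLE_MANUAL_ENTRY_KEY = "GEZD GNBV GY3T QOJQ GEZD GNBV GY3T QOJQ"


def decode_key(manual_entry_key: str) -> bytes:
    """Decode a base32 setup key as a user might type it (spaces, lower case, no padding)."""
    cleaned = manual_entry_key.replace(" ", "").replace("-", "").upper()
    cleaned += "=" * (-len(cleaned) % 8)
    return base64.b32decode(cleaned)


def code_for_counter(key: bytes, counter: int) -> str:
    """HOTP (RFC 4226): HMAC-SHA1 over the 8-byte counter, then dynamic truncation."""
    digest = hmac.new(key, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = digest[-1] & 0x0F
    value = struct.unpack(">I", digest[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** DIGITS).zfill(DIGITS)


def totp(key: bytes, unix_time: float) -> str:
    """The code an app shows at unix_time: the counter is the 30-second step number."""
    return code_for_counter(key, int(unix_time) // STEP_SECONDS)


def verify(key: bytes, submitted: str, unix_time: float, drift_steps: int = 1) -> bool:
    """Verifier side: accept the current step plus/minus drift_steps for clock skew."""
    current = int(unix_time) // STEP_SECONDS
    ok = False
    for counter in range(current - drift_steps, current + drift_steps + 1):
        if counter < 0:
            continue
        expected = code_for_counter(key, counter)
        ok |= hmac.compare_digest(expected.encode(), submitted.encode())
    return ok


if __name__ == "__main__":
    key = decode_key(SAMPLE_MANUAL_ENTRY_KEY)
    now = time.time()
    print("current code:", totp(key, now))
    print("seconds until it changes:", STEP_SECONDS - int(now) % STEP_SECONDS)
```

Because the code depends only on the key and the clock, a phone whose time is wrong by more than the accepted drift produces codes that are rejected, and anyone who obtains the Manual Entry key or QR code can generate valid codes.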
Disabling MFA
Users
You may be allowed to disable MFA on your My Preferences page via Actions menu > Disable MFA. If MFA is required for your user role by your site administrators, you will not be able to disable it.
Site Administrators
Site administrators can disable MFA, or change a user's MFA Method, by editing those fields on the user record. Those fields are typically not shown, or not editable, on the user profile, but are on an auxiliary form restricted to only Administrators.
When disabling MFA, we recommend setting the Mechanism back to "Please Select".
I Lost My Phone / Replaced My Phone (Re-enabling MFA)
A site administrator will need to disable MFA for your account. When you next log in, you can enable MFA again, or if it is required for your user role, you will be forced to enable MFA again.