How to Setup Multi-Factor Authentication (MFA) in Aristotle

What is Multi-Factor Authentication (MFA)?

Multi-factor verification helps you to access your accounts more securely. As passwords can be stolen or compromised, multi-factor verification adds additional layers of verification that help protect your accounts by making it harder for other people to login to your accounts. Based on research by Microsoft, it reduces your risk of account compromise by over 99.9%.

Aristotle MDR currently only supports authentication via a time-based code generated by an authentication app on a user’s phone. This is a 6-digit numeric code that changes every 30 seconds. To learn more about authentication apps, follow this link from the Australian Cyber Security Centre.

How to Setup MFA

1. Go to your user profile, from either the Dashboard side panel or the dropdown from the header bar.

2. On the action tab of your profile, click on the ‘Multi-factor authentication’ link of the Action tab.

3. If you don’t have multi factor authentication enabled, your Multi-factor Authentication Settings page will look like this:

4. Start the ‘Enable two-factor authentication’ wizard by Clicking on "Next".

5. Use your authentication device to generate a token by scanning the QR Code.

6. Enter the token generated by your authenticator application and select 'Next'. Below is an example token.

7. Click on the ‘Back to Account Security’ button to confirm that multi-factor has been enabled.

Make sure you also generate recovery codes once you have setup your device. If you lose access to your device, recovery codes will allow you to access your account. To access your recovery codes, click on the ‘Show Codes’ button. Make sure you keep these codes in a safe location.

How to Change a MFA Device

If you want to swap your MFA device, you must first disable your current MFA authentication, before adding a new device.

1. Go to your profile, and click on 'Multi-factor authentication’ to go to your two-factor security page.

2. Click on 'Disable Multi-Factor Authentication'.

3. Disable multi-factor authentication by confirming that you want to disable.

4. Follow the "How to setup MFA in Aristotle" tutorial above to setup multi-factor authentication again with your new device

What happens if I lose my MFA device?

If you lose your device, and have access to your recovery codes, simply enter a recovery code during the second factor of the login.

1. Click on the 'Use Backup Token' button and enter your backup token there.

If you lose your MFA device and you don’t have access to your backup codes, you need to get in contact with an Administrator for your registry, who can disable your multi-factor authentication.

How to disable MFA for another user in Aristotle

1. From the Dashboard side panel select 'Administrator Tools'.

2. Select 'Manage Users' under the Manage Registry heading.

3. Find the user that you are trying to disable in the table, here we are going to disable the MFA for Lauren.

4. Click on the user’s name to go to their profile. Here, we can see from their profile that multi-factor authentication is enabled.

5. Click on the ‘Multi-factor authentication’ link in the Actions tab.

6. Confirm that you want to disable two-factor authentication for that user.