Skip to main content

Multi-Factor Authentication (MFA)

Joey Bright
  • Updated

Overview

Multi-Factor Authentication (MFA) adds an additional layer of security to your Avela account by requiring a second form of verification when logging in. MFA prevents someone from fraudulently accessing your account and student, family, and district data, even if they gain access to your username and password combination.

Availability and Enabling MFA for your organization

  • MFA is currently available exclusively for administrator accounts and must be set up for the entire organization
  • To enable MFA, contact your Avela Client Services representative
  • Additional charges apply for this security feature

Authentication Apps

To use MFA, administrators will need to install an authenticator app on their mobile device. Compatible apps include:

Refer to your internal security policies for guidance on downloading and setting up your organizations preferred authenticator app.

Admin’s First Time

Your staff users will receive an email from noreply@avela.org containing a prompt to join your organization on Avela. Clicking the link in the email will prompt you to create an account. This includes adding a password and setting up MFA.

Setting up MFA is as follows. Note the process for setting up MFA may change slightly depending on the application you’re using.

  1. A QR code will appear on the screen
  2. Scan that QR code with the authenticator app
  3. Once scanned, the authenticator app will display a code
  4. Input that code into the text box in Avela, below the displayed QR code
  5. If the code is correct, you will be shown a long string of numbers and letters. This is your recovery code that can be used to login if you loose access to your MFA application. Store this code in a secure location, such as a password manager.
  6. You will then be able to proceed to login, using your created login information (username, password, and MFA code generated by the app)

Login Process

After setting up MFA, every time you login, you will be prompt to enter a code generated by your authenticator app. This code will be asked for after you enter your username and password to login. It will look something like this:

qa.auth.avela.org_mf_state=hKFo2SBuMkg3dktQTW5IWTVQeUMxclNRQVlRazE1YW1lU2prTKFuo21mYaN0aWTZIG5faklQQXd1TEQzZDh4VDlRbFRIbUc3TE83SzlXa2ZBo2NpZNkgenA5WjBibGZIMzlaTmdmNTF6YmNDYjdXZWxkVE1TbDU(iPad Pro).png

When shown this screen, open your authenticator app and enter the time-based one-time password (TOTP) shown. It will look something like this:

Group 1.png

If the entered code is correct, you will be allowed to login.

Browser Session

For convenience, Avela allows you to save your browser session for up to 30 days. During this period, you won't need to enter the MFA code when logging in from the same browser.

Comments

0 comments

Please sign in to leave a comment.

Powered by Zendesk