Xoro now supports multi-factor authentication (MFA) in the login process.
Multi-factor authentication (MFA) is used to ensure that digital users are who they say they are by requiring that they provide at least two pieces of evidence to prove their identity. Each piece of evidence must come from a different category: something they know, something they have or something they are. If one of the factors has been compromised by a hacker or unauthorized user, the chances of another factor also being compromised are low, so requiring multiple authentication factors provides a higher level of assurance about the user’s identity.
Please note: The user should have a valid phone number and Email Id in order to use MFA.
How does it work?
- Go to the Login page.
- The user can select the method desired for the OTP (One time password).
- If email and phone both are set up then it will show all the options.
- If the phone number doesn’t exist then it will show the option of email.
- Select the option to sign in to the account.
- The following page will be displayed to enter the security key.
- Enter the Security Code sent to your email id/phone number.
- When the option “Don’t require OTP on this browser” is checked, the system will ask to enter the Device Name.
- Enter the Device Name and the details like Device name, IP Address will be saved under the “My Trusted Devices” module.
- Saving the Device will remove the need to generate OTP next time when the same user logs in from the saved Device.
- The OTP expires in 45 seconds.
- If the information is deleted from “User Trusted Devices”, the browser will ask for the OTP again while logging in.
- If the User’s Email or Phone number is updated, the authorization Code/OTP will be received on the updated email/phone number.
- Phone number is mandatory in user information and User Upload if using the 2 Factor Authentication process.
**This is a Paid Feature, please log in a Ticket if this comes under the requirement of your Company.