OPAS and Gift-Aid:Admin Manual/Two Factor Authentication
What is Two Factor Authentication?
Two factor authentication (2FA) is a security method that requires two forms of identification to access data and resources. It's also known as multi-factor authentication (MFA) or 2-step verification (2SV).
2FA adds an extra layer of security to your accounts, making it harder for cybercriminals to access your data. It's available on most major online services, including banking, email, and social media.
How does 2FA work?
- You provide your email and password to log in
- You receive a code via an Authenticator app on your mobile
- You enter the code to verify your identity
- Should you not have access to your mobile at the time, you enter one of your recovery codes
How to enable 2FA?
2FA can be enabled in your profile page, which you can access by clicking you name on the top-right corner of OPAS
At the bottom of your profile page, you will see the Two Factor Authentication box where you can:
- Enable 2FA
- Disable 2FA
- Regenerate your 2FA recovery codes
In order to enable 2FA you will need an Authenticator app on your phone. There are many available but we suggest the following:
Google Authenticator
Microsoft Authenticator
Please click Enable Two Factor Authentication. A popup will appear.
In this popup there will be a QR code (image on the left of the popup) which you can use to register your Authenticator app with your OPAS account. Here are some examples on how to do this:
Google Authenticator
- Click the
+(plus) button on the bottom-right corner - Choose
Scan a QR code - The camera will be turned on, focus and frame the QR code on your screen with your phone camera
- A code will appear on the app, with the name
OPAS authenticator
Microsoft Authenticator
- Click the QR icon button on the bottom-right corner
- The camera will be turned on, focus and frame the QR code on your screen with your phone camera
OPAS authenticatorwill appear on the app. If you click that name, you will see a code
This OPAS authenticator code is a 6-digit numeric code which is renewed every minute, as indicated by the timer next to it.
On the right of the popup is a field to enter one of these 6-digit numeric codes. You must enter the code as it appears on your Authenticator app and click Confirm.
Please make sure you enter the code within the time period. If it ends, a new code will appear and you must enter this instead.
If you entered the code correctly, you will have a confirmation on the popup that Two Factor Authentication has been enabled.
You will also see your recovery codes. These are 8 codes which you can use as an alternative, when you cannot access your Authenticator app codes. Please keep these in a safe place. There are options for downloading them as a file, print or copy to clipboard.
Please note all recovery codes are single-use. Please erase any recovery codes you use for logging-in
How to log-in with 2FA
You still need to enter you email and password as usual. If you have 2FA enabled, you will be presented with a new screen where you need to enter a code from your Authenticator app.
If you do not have access to the Authenticator app at that moment, please click Use a recovery code. To go back to using a Authenticator app code, please click Use a code from your authenticator app.
Please note all recovery codes are single-use. Please erase any recovery codes you use for logging-in