Multi Factor Authentication - User Guide
Multi-Factor Authentication Cloud– User Guide
Date: May 1, 2019
Version: 1.1
Prepared By: William Chu
Self-service User Portals
These URLs will direct you to the MFA cloud self-service portal:
Methods of Authentication
You have a choice between 4 methods, and you can switch your method at any time using the self-service portal.
How it works:
You will receive a prompt from the Microsoft Authenticator app on your smartphone asking you to tap Approve to complete your authentication.
Requirements:
- Apple, Android, or Windows smartphone or tablet.
- Data or WIFI internet connection.
- Push notifications enabled.
Installing the Mobile App:
- Search for “Microsoft Authenticator” from your mobile device’s app store and install it.
How it works:
You will receive a phone call with an operator asking you to press # on your phone to verify your authentication.
Requirements:
- Any type of phone with a # button.
How it works:
You will receive a text message on your mobile phone with a 6-digit verification code, enter the code into the website you are logging into.
Requirements
- Any mobile phone capable of receiving and sending text messages.
How it works:
You will enter the 6-digit code that is displayed on the mobile app into the website you are logging into.
You will enter the 6-digit code that is displayed on the hardware token into the website you are logging into.
Note: this would be the last method of choice, if all other methods do not fit your needs.
Requirements:
- For the mobile app token method: Apple, Android, or Windows smartphone or tablet with the Microsoft Authenticator App (Data and WIFI is not required).
- For hardware token method: an OATH hardware token issued by Canaccord Genuity IT.
User Enrollment
- Go to one the MFA Cloud User Portal URLs:
- For enrollment, go to the portal from your Canaccord Genuity computer.
-
b. You may access the portals from any computer at any time to update your settings afterwards.
- You are encouraged to enroll in all 3 options below: Authenticator app, phone call or text, and security questions. By having all 3 options, it will be easier for you to edit your security info later on incase you need to make adjustments, as IT support can only reset your security info and have you re-enroll if you have issues.
- Type in your Canaccord Genuity email address for the username and enter your company domain password, and then click next.
- Click the Security Info menu and begin the enrollment.
- For the Authenticator App method (or OATH Token method from mobile device) follow these steps to activate your account. If you have not done so, install the Microsoft Authenticator app on to your mobile device.
- On the mobile phone Microsoft Authenticator app, choose add (+ symbol) and select “Work or school” account
- Hold your mobile device’s camera to your computer monitor and scan the QR code.
- After scanning the QR code, click Done to test the authentication on the app. Tap approve when prompted on the mobile app, then your activation is complete.
5. For the Phone Call or Text Message method, follow these steps to complete your settings:
- Enter in the phone number you will be using along with the appropriate country prefix. Choose your preferred option of a phone call or text message and click next.
- If you chose the phone call option, you will receive a phone call asking you to press # to finish authentication. If you chose text message option, you will receive a 6-digit code to verify your authentication; once verified, click done.
- For the Security questions, specify answers to 3 questions so that you can have a fallback option to login to the portal.
- You may change your default MFA method at anytime via the portal.
Reporting Fraud
If you encounter an instance where you receive an authentication prompt for Multi-Factor Authentication, which you did not initiate, it most likely means someone is attempting to login with your Canaccord account. In these cases, we encourage you to report fraud through these simple steps.
How to report fraud:
Mobile App Users: You receive a prompt asking you to tap approve, but you have not attempted to login. Instead of tapping approve, tap the Deny button on your smartphone.
Phone Call Users: You receive a call asking you to finish your verification, but you have not attempted to login. Instead of pressing #, Press 0 #.
Text Message Users: You receive a text asking you to reply with the verification code, but you have not attempted to login. Instead of replying with the code in the text message, reply and send 0 as the text message.
After reporting fraud:
- A notice will be generated for Canaccord IT administrators.
- Your Multi-Factor Authentication method will be blocked in the meantime.
- A Canaccord IT administrator is required to unblock your account after investigating.
Troubleshooting Mobile App
Not able to activate the mobile app.
- Ensure your mobile device is connected to the internet. Check by seeing if you can go to your favourite website from
your device’s browser.
- Ensure you have push notifications turned on for the Microsoft Authenticator app.
- Turn off your mobile device and turn back on and try again.
- Uninstall the Microsoft Authenticator app, and re-install from your mobile device’s store.
- If you are scanning the QR code, make sure your camera lens is clean.
- If you are manually typing in the code and URL, make sure you type in the fields exactly as displayed on the user portal website.
Not receiving notifications to verify my authentication.
- Ensure your smartphone is connected to the internet. Check by seeing if you can go to your favourite website from
your device’s browser
- Ensure you have push notifications turned on for the Microsoft Authenticator app.
- Open the Microsoft Authenticator App. This will search for authentication requests if they did not come into your smartphone in time.
Phone Call and Text Message
Not receiving a phone call or text message to verify my authentication.
- Ensure your phone has reception, by placing/receiving a test call or sending/receiving a text message successfully.
- Ensure your phone number is inputted correctly in your user portal settings, along with the correct country prefix.
OATH Token
Failed attempt after typing in the 6-digit code into the website I am trying to authenticate in.
- Wait for the 6-digit code to change numbers on your mobile app (or hardware token) and try again. The numbers will change every 60 seconds.
Hardware token is not displaying any numbers.
- It most likely ran out of batteries; please ask your Canaccord IT support team to issue you a new one.